CVE-2008-4799 — Netpbm vulnerability

CWE-1894 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.5%

top 32.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netpbm Debian Netpbm-free

Timeline

PublishedOct 31

Latest updateMay 17

Description

pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDnetpbm/netpbm10.35.47+111

▶debiandebian/netpbm-free

🔴Vulnerability Details

GHSA

GHSA-gq8f-8634-82fx: pamperspective in Netpbm before 10↗2022-05-17

▶

📋Vendor Advisories

Debian

CVE-2008-4799: netpbm-free - pamperspective in Netpbm before 10.35.48 does not properly calculate a window he...↗2008

▶

Red Hat

CVE-2008-4799: pamperspective in Netpbm before 10↗

▶