CVE-2005-2978

Published: 18 October 2005

pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.

Priority

Status

Package	Release	Status
netpbm-free Launchpad, Ubuntu, Debian	dapper	Released (10.0-10ubuntu1)
	edgy	Released (10.0-10ubuntu1)
	feisty	Released (10.0-10ubuntu1)
	upstream	Released (2:10.0-10)

References

https://ubuntu.com/security/notices/USN-210-1
https://www.cve.org/CVERecord?id=CVE-2005-2978
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.