CVE-2005-2978

N/A Unknown

Published: October 18, 2005 Modified: April 16, 2026

Description

pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/17221

Source: secalert@redhat.com

http://secunia.com/advisories/17222

Source: secalert@redhat.com

http://secunia.com/advisories/17256

Source: secalert@redhat.com

http://secunia.com/advisories/17265

Source: secalert@redhat.com

http://secunia.com/advisories/17282

Source: secalert@redhat.com

http://secunia.com/advisories/17357

Source: secalert@redhat.com

http://securitytracker.com/id?1015071

Source: secalert@redhat.com

http://www.debian.org/security/2005/dsa-878

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2005_24_sr.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-793.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securityfocus.com/bid/15128

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2005/2133

Source: secalert@redhat.com

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278

Source: secalert@redhat.com

Exploit Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135

Source: secalert@redhat.com

https://usn.ubuntu.com/210-1/

Source: secalert@redhat.com

http://secunia.com/advisories/17221

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17222

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17256

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17265

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17282

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17357

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015071

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2005/dsa-878

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2005_24_sr.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-793.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/15128

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/2133

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/210-1/

Source: af854a3a-2127-422b-91ae-364da2661108

32 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.6%

89th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

netpbm