Title : Pnmtopng "alphas_of_color" Remote Buffer Overflow Vulnerability VUPEN ID : VUPEN/ADV-2005-2418 CVE ID : CVE-2005-3632 - CVE-2005-3662
Rated as : High Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-11-15
Technical Description
Two vulnerabilities were identified in Pnmtopng, which could be exploited by remote attackers to execute arbitrary commands. These flaws are due to a buffer overflow error in the "alphas_of_color" function that does not properly handle malformed images when using the "-alpha" or "-text" options, which could be exploited by attackers to execute arbitrary commands via a specially crafted ".pnm" file.
