CVE-2005-2978 Information

Description

pnmtopng in netpbm before 10.25 when using the -trans option uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG) which might allow attackers to execute arbitrary code by modifying the stack.

Reference

http://secunia.com/advisories/17221 http://secunia.com/advisories/17222 http://secunia.com/advisories/17256 http://secunia.com/advisories/17265 http://secunia.com/advisories/17282 http://secunia.com/advisories/17357 http://securitytracker.com/id?1015071 http://www.debian.org/security/2005/dsa-878 http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml http://www.novell.com/linux/security/advisories/2005_24_sr.html http://www.redhat.com/support/errata/RHSA-2005-793.html http://www.securityfocus.com/bid/15128 http://www.vupen.com/english/advisories/2005/2133 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10135 https://usn.ubuntu.com/210-1/