CVE-2009-4274
Vulnerability from cvelistv5
Published
2010-02-12 21:00
Modified
2024-08-07 06:54
Severity ?
Summary
Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
secalert@redhat.comhttp://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076
secalert@redhat.comhttp://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup
secalert@redhat.comhttp://secunia.com/advisories/38530
secalert@redhat.comhttp://secunia.com/advisories/38915
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2026
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:039
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2010/02/09/11
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2011-1811.html
secalert@redhat.comhttp://www.securityfocus.com/bid/38164
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0358Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0780
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=546580
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/56207
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076
af854a3a-2127-422b-91ae-364da2661108http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38530
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38915
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2026
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:039
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2010/02/09/11
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2011-1811.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38164
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0358Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0780
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=546580
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/56207
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:10.362Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2011:1811",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
          },
          {
            "name": "ADV-2010-0358",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0358"
          },
          {
            "name": "38530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38530"
          },
          {
            "name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
          },
          {
            "name": "ADV-2010-0780",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0780"
          },
          {
            "name": "netpbm-xpm-bo(56207)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
          },
          {
            "name": "SUSE-SR:2010:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
          },
          {
            "name": "DSA-2026",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2026"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
          },
          {
            "name": "38915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38915"
          },
          {
            "name": "38164",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38164"
          },
          {
            "name": "MDVSA-2010:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2011:1811",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076"
        },
        {
          "name": "ADV-2010-0358",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0358"
        },
        {
          "name": "38530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38530"
        },
        {
          "name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
        },
        {
          "name": "ADV-2010-0780",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0780"
        },
        {
          "name": "netpbm-xpm-bo(56207)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
        },
        {
          "name": "SUSE-SR:2010:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
        },
        {
          "name": "DSA-2026",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2026"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
        },
        {
          "name": "38915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38915"
        },
        {
          "name": "38164",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38164"
        },
        {
          "name": "MDVSA-2010:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-4274",
    "datePublished": "2010-02-12T21:00:00",
    "dateReserved": "2009-12-10T00:00:00",
    "dateUpdated": "2024-08-07T06:54:10.362Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-4274\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-02-12T21:30:00.533\",\"lastModified\":\"2024-11-21T01:09:17.517\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en converter/ppm/xpmtoppm.c en netpbm anterior a v10.47.07, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio(ca\u00edda de aplicaci\u00f3n) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo de imagen XPM que contiene un campo de cabecera (header) manipulado asociado con un valor alto del \u00edndice de color.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F79F02C3-950F-4D47-971A-3C1367F1642C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0344253A-AF59-499B-81DF-5494A34B115F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7297482-7D30-484A-8F8D-AFEA2E468725\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93BA3D19-C291-468E-9E4E-E8374AE1BD32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85CF9240-FAEE-4BA2-8374-8B81F738521A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45457716-9219-4A88-A824-B45FA16643D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93A0526D-918E-4FAE-90AF-2BA49F9D5276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AD350ED-1327-483A-BF73-02AB9924EDED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C11849-BCD4-4982-A779-435669BD668F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C94984E9-22EE-4B24-AFCB-52137A871117\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23B10069-89E1-4E63-BCFF-C210CE3C5655\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC42B061-EB8E-49B4-B041-42B31672C42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFAE142A-4F71-4452-8DAD-9D6BA11EBF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"179366EE-D637-4345-8759-81D5E12EFFA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"725CFC44-43C8-47FF-9935-FA006B6338FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A331F93-08C2-4F45-98AD-46DBE38A9785\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEFB0157-CF91-4FCB-8786-4024595B3EE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92045C29-20B4-46D0-9643-491BB0642D12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"148A51ED-1A00-45D3-934E-96CA2759F5A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77BE0692-E688-4438-98C7-FA1FCE05F41C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1904CB89-F576-4DFF-9639-9263D0ADE0B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D11F39-3B4F-43E4-AC5E-E1B5931BCBB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97023E9B-520D-4E6F-BA7F-052BA89BF2E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93A152B4-8483-4874-88C0-4679831BB60E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBAE4A7-B0E1-4E50-8775-CAEF3E49B7EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDE78BA1-4001-4676-8BCB-FBC081A5D733\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF606C17-AD8A-4D81-AB55-50B0C4B7763F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"906047FD-1D75-4F97-977D-2A22A1DC87B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DA92693-6629-4A8D-9C54-418569C852F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F078E1C6-3FB7-415B-A49A-455BE55148B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F97984A-04F4-4F69-B03B-D06FD0F21EE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53FB010A-9B82-41F9-9DDB-4DCC0BFA0365\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07292430-0952-4E40-9012-1DD5709D2F9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"019C4B30-4F04-4068-80B1-884F9607EC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F74038FE-C361-415B-AC47-744D3792E707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A6B8C20-2603-4BC6-A9C5-363E45B86492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16998237-B53D-4E6C-B2E7-3C17BE483780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4998E602-7E72-4ED9-806F-2DF117827F24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A01D9E5-14BD-416D-8363-278FBA991BE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59B55BD5-0E1C-4A13-965C-BAFBE480C384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC498C66-4E32-4E4B-9BB0-3943CB963BC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4F989C-B9AF-4A0D-A39E-A9405E38229F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FCC7D4D-09B1-4063-9FE8-F88032B91FA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF8AB55-8A95-47CD-960A-E9A920632B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB45C9DA-9503-4F5C-8079-0C47E778EAB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B1D6ABC-D56F-4484-90D0-45CD3E7B682C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48121BF-EDA1-4EAD-B24B-7BAF6668D4BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E079966-8423-4638-8A55-BC9F2412D4E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BE5E653-3B78-4DCE-9FE8-1126FC18D8B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D339F6D7-9E9A-46C2-9823-E534F3BEBDC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A829E428-77AA-4B8F-B4E6-BB89F0054F20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6470755-BE74-49FB-B4C7-6869FB33A096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FEFA0BB-1542-4A88-BC95-A60AAEF90D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"090C90E2-D688-44C2-88D7-E40F7D919FA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"675512A2-6E2A-46BA-9237-114B4EA6248F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185FF47F-321E-4D26-893D-BB4F4B532670\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B402DB46-6103-4428-B6BF-9263D9270EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"599D4BAC-1266-4A30-A4C5-4BA13EC47F62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23241E2B-21B9-4C97-B865-5C3652C27401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4A40DC0-AE35-4597-8A55-D5022289435E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12B85A1-5607-4037-A362-0270EF710514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B39A1A-DC18-413E-A869-9D6C7C77BF8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F62F30D-F8D9-4B47-9CFC-8F54B3F589C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B0ACB2-FE13-4145-8EAE-9D6FB7FEDD60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0253F8B8-346C-40F0-9225-4593EAF39861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2411D682-BEB2-41E0-B211-4E8EA0E551C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97036446-8A06-4AB6-842B-2186A88FBB1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC9F56AC-906E-4713-83ED-79A8673F59BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A77A17C7-C323-4182-A099-BB3E92BF12D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82DB51EA-A050-417A-8603-97BD33ACB9B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48468D84-76E9-476D-8470-3950C8281118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7472AD57-68B3-43BE-95D4-F21D39708A4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAA0C21F-DB95-43D9-B7B2-B076043828E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3658F6EA-E897-4A24-AD82-F3EBD4567D27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F887C654-43D9-4374-88D8-DCA800B7F449\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34001491-58AD-4F6C-9159-C27671EA1574\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"347D3197-1915-4417-B72D-0C23BEFBAA32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0256E7B3-E119-41A4-B49D-4C08D364C22C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EA3DD4D-28E0-4266-9024-A4DFF832512E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02FAFCFB-0D3F-4906-ADCE-BF7F06167692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB184F25-C4ED-4655-B79D-6B00E22F9097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43FC34D4-576B-46D6-B13C-EE17C0A5AAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.35.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0618AF8A-0927-45CC-8BF5-93B1083B8147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.36.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A715086-7459-4E99-8936-49F77323D17C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.37.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"979690E7-827E-4131-A3CD-235340A2FC2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.38.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD21B69B-5500-4130-9603-F46998AC7D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.39.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E222667-1825-4377-AD6E-5C88979CD5A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.40.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFA2DCC3-007C-4EA4-BD2B-18C776D3CBAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.41.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5A9A4DD-FCE5-4585-97A5-F91120F9F2D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.42.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A8E6AAC-2DFD-4E6F-BAFA-FC002E7FBF78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.43.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C739F6A-7DA4-4069-827D-B78DA08E4C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.44.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BE3C40-8066-4C41-A566-F89236D5F112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.45.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A66AB52D-ECF8-4D0E-906F-7FA1AC41CD84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.46.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11B4771-81FF-4FA4-AB56-0BD51AFF10D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B15E831F-F5FB-487F-9359-A7188C2206BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"756FB7A1-2FD3-40A6-B992-5D5FF0E6A736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51CEA68F-46F0-4795-9839-D961FC1A394F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6F7C0A-FF13-4C64-B9D3-5E71FCF87813\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B20DFC28-0489-404A-8783-DCA6157EACCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"533419D8-A51D-4C51-A898-7E9068722FD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netpbm:netpbm:10.47.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E141EBC6-830D-4ADD-8D03-DB528FF3E117\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/38530\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/38915\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2026\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:039\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/02/09/11\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1811.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/38164\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0358\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0780\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=546580\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56207\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch\u0026r1=995\u0026r2=1076\u0026pathrev=1076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38915\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2026\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/02/09/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1811.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0358\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=546580\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4274\\n\\nThe Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/\",\"lastModified\":\"2010-02-17T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.