Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=111358557823673&w=2 | Exploit Mailing List |
http://www.overflow.pl/adv/gocr.txt | Broken Link Exploit Vendor Advisory |
http://marc.info/?l=bugtraq&m=111358557823673&w=2 | Exploit Mailing List |
http://www.overflow.pl/adv/gocr.txt | Broken Link Exploit Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=111358557823673&w=2 - Exploit, Mailing List | |
References | () http://www.overflow.pl/adv/gocr.txt - Broken Link, Exploit, Vendor Advisory |
08 Feb 2024, 18:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=111358557823673&w=2 - Exploit, Mailing List | |
References | () http://www.overflow.pl/adv/gocr.txt - Broken Link, Exploit, Vendor Advisory | |
CPE | cpe:2.3:a:gocr:optical_character_recognition_utility:0.37:*:*:*:*:*:*:* cpe:2.3:a:gocr:optical_character_recognition_utility:0.40:*:*:*:*:*:*:* cpe:2.3:a:gocr:optical_character_recognition_utility:0.3.4:*:*:*:*:*:*:* cpe:2.3:a:gocr:optical_character_recognition_utility:0.39:*:*:*:*:*:*:* |
cpe:2.3:a:optical_character_recognition_project:optical_character_recognition:0.40:*:*:*:*:*:*:* |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
First Time |
Optical Character Recognition Project
Optical Character Recognition Project optical Character Recognition |
|
CWE | CWE-190 |
Information
Published : 2005-04-15 04:00
Updated : 2024-11-20 23:56
NVD link : CVE-2005-1141
Mitre link : CVE-2005-1141
CVE.ORG link : CVE-2005-1141
JSON object : View
Products Affected
optical_character_recognition_project
- optical_character_recognition
CWE
CWE-190
Integer Overflow or Wraparound