GLSA-200510-18 : Netpbm: Buffer overflow in pnmtopng
High Nessus Plugin ID 20080
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200510-18 (Netpbm: Buffer overflow in pnmtopng)
RedHat reported that pnmtopng is vulnerable to a buffer overflow.
An attacker could craft a malicious PNM file and entice a user to run pnmtopng on it, potentially resulting in the execution of arbitrary code with the permissions of the user running pnmtopng.
There is no known workaround at this time.
SolutionAll Netpbm users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose media-libs/netpbm