CVE-2003-0146
netpbm-free - math overflow errors
EPSS 3.9%
Description
Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows.
How to fix CVE-2003-0146
To remediate CVE-2003-0146, upgrade each affected package to the fixed version listed below.
- Debian/lpr—upgrade to 1:2000.05.07-4.20 or later
- Debian/netpbm-free—upgrade to 2:9.20-9 or later
- —upgrade to 2:9.20-8.2 or later
Is CVE-2003-0146 being exploited?
Low — EPSS is 3.9%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 1:2000.05.07-4.20
- from 0, < 2:9.20-9
- from 0, < 2:9.20-8.2