CVE-2008-0554
netpbm-free - arbitrary code execution
EPSS 2.2%
Description
Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
How to fix CVE-2008-0554
To remediate CVE-2008-0554, upgrade the affected package to one of the fixed versions listed below.
- Debian/netpbm-free—upgrade to 10.0-11.1 or later
- Debian/netpbm-free—upgrade to 2:10.0-11.1+etch1 or later
Is CVE-2008-0554 being exploited?
Low — EPSS is 2.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Debian/netpbm-free: from 0, < 10.0-11.1
- Debian/netpbm-free: from 0, < 2:10.0-11.1+etch1