Unrated severityNVD Advisory· Published Nov 18, 2005· Updated Apr 16, 2026
CVE-2005-3662
CVE-2005-3662
Description
Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
Affected products
5cpe:2.3:a:greg_roelofs:pnmtopng:2.37.3:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:greg_roelofs:pnmtopng:2.37.3:*:*:*:*:*:*:*
- cpe:2.3:a:greg_roelofs:pnmtopng:2.37.4:*:*:*:*:*:*:*
- cpe:2.3:a:greg_roelofs:pnmtopng:2.37.5:*:*:*:*:*:*:*
- cpe:2.3:a:greg_roelofs:pnmtopng:2.37.6:*:*:*:*:*:*:*
- cpe:2.3:a:greg_roelofs:pnmtopng:2.38:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- secunia.com/advisories/17544nvdPatchVendor Advisory
- secunia.com/advisories/17671nvdVendor Advisory
- secunia.com/advisories/17679nvdVendor Advisory
- secunia.com/advisories/17828nvdVendor Advisory
- secunia.com/advisories/18186nvdVendor Advisory
- secunia.com/advisories/18517nvdVendor Advisory
- www.vupen.com/english/advisories/2005/2418nvdVendor Advisory
- patches.sgi.com/support/free/security/advisories/20060101-01-Unvd
- sourceforge.net/project/shownotes.phpnvd
- www.debian.org/security/2005/dsa-904nvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2005_28_sr.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-843.htmlnvd
- www.securityfocus.com/bid/15427nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9583nvd
- usn.ubuntu.com/218-1/nvd
News mentions
0No linked articles in our index yet.