Vulnerability Details : CVE-2013-7438
Multiple buffer overflows in pbm212030 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PBM image, related to (1) stream line data, which triggers a heap-based buffer overflow, or (2) vectors related to an "internal intermediate heap-based buffer."
Vulnerability category: Overflow, Execute code, Denial of service
Products affected by CVE-2013-7438
- cpe:2.3:a:pbm212030_project:pbm212030:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-7438
- 1.88%: Probability of exploitation activity in the next 30 days
- ~ 82%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-7438
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
CWE ids for CVE-2013-7438
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7438
- https://bugzilla.redhat.com/show_bug.cgi?id=908430 (908430 – pbm2l2030: Heap-based buffer overflow by generating (intermediate) storage buffer when printing PBM image)
- https://bugzilla.redhat.com/show_bug.cgi?id=908432 (908432 – pbm2l2030: Stack-based buffer overflow when reading PBM stream lines during image printing)
- http://www.openwall.com/lists/oss-security/2015/02/06/8 (oss-security - some older pbm2l2030 stuff)