Strix
26.1K

CVE-2008-4799

UnknownEPSS 1.66%

Last modified

CVE-2008-4799 is a vulnerability of currently unknown severity. pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.. EPSS estimates a 1.66% chance of exploitation in the next 30 days.

Description

pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.

Metrics

EPSS Probability
1.66%

73.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
NetpbmNetpbm<= 10.35.47
NetpbmNetpbm8.1
NetpbmNetpbm8.2
NetpbmNetpbm8.3
NetpbmNetpbm8.4
NetpbmNetpbm9.0
NetpbmNetpbm9.1
NetpbmNetpbm9.2
NetpbmNetpbm9.3
NetpbmNetpbm9.4
NetpbmNetpbm9.5
NetpbmNetpbm9.6
NetpbmNetpbm9.7
NetpbmNetpbm9.8
NetpbmNetpbm9.9
NetpbmNetpbm9.10
NetpbmNetpbm9.11
NetpbmNetpbm9.12
NetpbmNetpbm9.13
NetpbmNetpbm9.14
NetpbmNetpbm9.15
NetpbmNetpbm9.16
NetpbmNetpbm9.17
NetpbmNetpbm9.18
NetpbmNetpbm9.19
NetpbmNetpbm9.20
NetpbmNetpbm9.21
NetpbmNetpbm9.22
NetpbmNetpbm9.23
NetpbmNetpbm9.24
NetpbmNetpbm9.25
NetpbmNetpbm10.0
NetpbmNetpbm10.1
NetpbmNetpbm10.2
NetpbmNetpbm10.3
NetpbmNetpbm10.4
NetpbmNetpbm10.5
NetpbmNetpbm10.6
NetpbmNetpbm10.7
NetpbmNetpbm10.8
NetpbmNetpbm10.9
NetpbmNetpbm10.10
NetpbmNetpbm10.12
NetpbmNetpbm10.13
NetpbmNetpbm10.14
NetpbmNetpbm10.15
NetpbmNetpbm10.16
NetpbmNetpbm10.17
NetpbmNetpbm10.18
NetpbmNetpbm10.19

Showing 50 of 112 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2008-4799?
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.
How severe is CVE-2008-4799?
Severity scoring for CVE-2008-4799 is pending analysis. The EPSS model estimates a 1.66% probability of exploitation in the next 30 days.
How do I fix CVE-2008-4799?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-4799?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST