Vulnerabilities > CVE-2005-1142 - Remote Security vulnerability in Optical Character Recognition Utility

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

gocr

NVD

Published: 2005-04-15

Updated: 2016-10-18

Summary

Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values.

Vulnerable Configurations

Part	Description	Count
Application	Gocr Gocr Optical Character Recognition Utility 0.3.2 Gocr Optical Character Recognition Utility 0.3.4 Gocr Optical Character Recognition Utility 0.37 Gocr Optical Character Recognition Utility 0.39 Gocr Optical Character Recognition Utility 0.40	5

References

http://marc.info/?l=bugtraq&m=111358557823673&w=2
http://www.overflow.pl/adv/gocr.txt