Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gocr | optical_character_recognition_utility | 0.37 |
| gocr | optical_character_recognition_utility | 0.3.2 |
| gocr | optical_character_recognition_utility | 0.3.4 |
| gocr | optical_character_recognition_utility | 0.39 |
| gocr | optical_character_recognition_utility | 0.40 |