Marc Schoenefeld discovered a stack-based buffer overflow in the XPM reader implementation in netpbm-free, a suite of image manipulation utilities. An attacker could cause a denial of service or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value.