Описание
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-0688
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17416
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11796
- https://usn.ubuntu.com/27-1
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924
- http://ftp.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch
- http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
- http://marc.info/?l=bugtraq&m=109530851323415&w=2
- http://scary.beasts.org/security/CESA-2004-003.txt
- http://secunia.com/advisories/20235
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1
- http://www.debian.org/security/2004/dsa-560
- http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
- http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml
- http://www.kb.cert.org/vuls/id/537878
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:098
- http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html
- http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
- http://www.redhat.com/support/errata/RHSA-2004-537.html
- http://www.redhat.com/support/errata/RHSA-2005-004.html
- http://www.securityfocus.com/archive/1/434715/100/0/threaded
- http://www.securityfocus.com/bid/11196
- http://www.us-cert.gov/cas/techalerts/TA05-136A.html
- http://www.vupen.com/english/advisories/2006/1914
EPSS
CVE ID
Связанные уязвимости
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Multiple integer overflows in (1) the xpmParseColors function in parse ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS