QwikSec

Security Database

CVE

CWE

Training

CVE-2004-0914

Published: Dec 15, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

libxpm-directory-traversal(18146)

vdb-entry

x_refsource_XF

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

libxpm-image-bo(18142)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:9943

vdb-entry

signature

x_refsource_OVAL

FEDORA-2004-433

vendor-advisory

x_refsource_FEDORA

http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

libxpm-improper-memory-access(18144)

vdb-entry

x_refsource_XF

vendor-advisory

x_refsource_GENTOO

FLSA-2006:152803

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_MANDRAKE

vendor-advisory

x_refsource_GENTOO

libxpm-dos(18147)

vdb-entry

x_refsource_XF

libxpm-command-execution(18145)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.