← back
CVE-2004-0688

CVE-2004-0688

EPSS 7.2%
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924http://ftp.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patchhttp://lists.apple.com/archives/security-announce/2005/May/msg00001.htmlhttp://marc.info/?l=bugtraq&m=109530851323415&w=2http://scary.beasts.org/security/CESA-2004-003.txthttp://secunia.com/advisories/20235https://exchange.xforce.ibmcloud.com/vulnerabilities/17416https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11796http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1https://usn.ubuntu.com/27-1/http://www.debian.org/security/2004/dsa-560http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml