ID CVE-2005-0605
Summary scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
Vulnerable Configurations
  • cpe:2.3:a:lesstif:lesstif:0.93.94
    cpe:2.3:a:lesstif:lesstif:0.93.94
  • SGI ProPack 3.0
    cpe:2.3:a:sgi:propack:3.0
  • cpe:2.3:a:x.org:x11r6:6.7.0
    cpe:2.3:a:x.org:x11r6:6.7.0
  • cpe:2.3:a:x.org:x11r6:6.8
    cpe:2.3:a:x.org:x11r6:6.8
  • cpe:2.3:a:x.org:x11r6:6.8.1
    cpe:2.3:a:x.org:x11r6:6.8.1
  • cpe:2.3:a:xfree86_project:x11r6:3.3
    cpe:2.3:a:xfree86_project:x11r6:3.3
  • cpe:2.3:a:xfree86_project:x11r6:3.3.2
    cpe:2.3:a:xfree86_project:x11r6:3.3.2
  • cpe:2.3:a:xfree86_project:x11r6:3.3.3
    cpe:2.3:a:xfree86_project:x11r6:3.3.3
  • cpe:2.3:a:xfree86_project:x11r6:3.3.4
    cpe:2.3:a:xfree86_project:x11r6:3.3.4
  • cpe:2.3:a:xfree86_project:x11r6:3.3.5
    cpe:2.3:a:xfree86_project:x11r6:3.3.5
  • cpe:2.3:a:xfree86_project:x11r6:3.3.6
    cpe:2.3:a:xfree86_project:x11r6:3.3.6
  • cpe:2.3:a:xfree86_project:x11r6:4.0
    cpe:2.3:a:xfree86_project:x11r6:4.0
  • cpe:2.3:a:xfree86_project:x11r6:4.0.1
    cpe:2.3:a:xfree86_project:x11r6:4.0.1
  • cpe:2.3:a:xfree86_project:x11r6:4.0.2.11
    cpe:2.3:a:xfree86_project:x11r6:4.0.2.11
  • cpe:2.3:a:xfree86_project:x11r6:4.0.3
    cpe:2.3:a:xfree86_project:x11r6:4.0.3
  • cpe:2.3:a:xfree86_project:x11r6:4.1.0
    cpe:2.3:a:xfree86_project:x11r6:4.1.0
  • cpe:2.3:a:xfree86_project:x11r6:4.1.11
    cpe:2.3:a:xfree86_project:x11r6:4.1.11
  • cpe:2.3:a:xfree86_project:x11r6:4.1.12
    cpe:2.3:a:xfree86_project:x11r6:4.1.12
  • cpe:2.3:a:xfree86_project:x11r6:4.2.0
    cpe:2.3:a:xfree86_project:x11r6:4.2.0
  • cpe:2.3:a:xfree86_project:x11r6:4.2.1
    cpe:2.3:a:xfree86_project:x11r6:4.2.1
  • cpe:2.3:a:xfree86_project:x11r6:4.2.1:-:errata
    cpe:2.3:a:xfree86_project:x11r6:4.2.1:-:errata
  • cpe:2.3:a:xfree86_project:x11r6:4.3.0
    cpe:2.3:a:xfree86_project:x11r6:4.3.0
  • cpe:2.3:a:xfree86_project:x11r6:4.3.0.1
    cpe:2.3:a:xfree86_project:x11r6:4.3.0.1
  • cpe:2.3:a:xfree86_project:x11r6:4.3.0.2
    cpe:2.3:a:xfree86_project:x11r6:4.3.0.2
  • cpe:2.3:o:altlinux:alt_linux:2.3:-:compact
    cpe:2.3:o:altlinux:alt_linux:2.3:-:compact
  • cpe:2.3:o:altlinux:alt_linux:2.3:-:junior
    cpe:2.3:o:altlinux:alt_linux:2.3:-:junior
  • MandrakeSoft Mandrake Linux 10.0
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.0
  • cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:-:amd64
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:-:amd64
  • MandrakeSoft Mandrake Linux 10.1
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.1
  • cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:-:x86_64
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:-:x86_64
  • MandrakeSoft Mandrake Linux 10.2
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.2
  • cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:-:x86_64
    cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:-:x86_64
  • MandrakeSoft Mandrake Linux Corporate Server 2.1
    cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1
  • cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:-:x86_64
    cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:-:x86_64
  • MandrakeSoft Mandrake Corporate Server 3.0
    cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0
  • cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:-:x86_64
    cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:-:x86_64
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:3.0:-:workstation_server
    cpe:2.3:o:redhat:enterprise_linux:3.0:-:workstation_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
  • Red Hat Desktop 3.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:3.0
  • Red Hat Desktop 4.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:4.0
  • cpe:2.3:o:redhat:fedora_core:core_2.0
    cpe:2.3:o:redhat:fedora_core:core_2.0
  • cpe:2.3:o:redhat:fedora_core:core_3.0
    cpe:2.3:o:redhat:fedora_core:core_3.0
  • SuSE SuSE Linux 6.1
    cpe:2.3:o:suse:suse_linux:6.1
  • SuSE SuSE Linux 6.1 alpha
    cpe:2.3:o:suse:suse_linux:6.1:alpha
  • SuSE SuSE Linux 6.2
    cpe:2.3:o:suse:suse_linux:6.2
  • SuSE SuSE Linux 6.3
    cpe:2.3:o:suse:suse_linux:6.3
  • cpe:2.3:o:suse:suse_linux:6.3:-:ppc
    cpe:2.3:o:suse:suse_linux:6.3:-:ppc
  • SuSE SuSE Linux 6.3 alpha
    cpe:2.3:o:suse:suse_linux:6.3:alpha
  • SuSE SuSE Linux 6.4
    cpe:2.3:o:suse:suse_linux:6.4
  • cpe:2.3:o:suse:suse_linux:6.4:-:i386
    cpe:2.3:o:suse:suse_linux:6.4:-:i386
  • cpe:2.3:o:suse:suse_linux:6.4:-:ppc
    cpe:2.3:o:suse:suse_linux:6.4:-:ppc
  • SuSE SuSE Linux 6.4 alpha
    cpe:2.3:o:suse:suse_linux:6.4:alpha
  • SuSE SuSE Linux 7.0
    cpe:2.3:o:suse:suse_linux:7.0
  • cpe:2.3:o:suse:suse_linux:7.0:-:i386
    cpe:2.3:o:suse:suse_linux:7.0:-:i386
  • cpe:2.3:o:suse:suse_linux:7.0:-:ppc
    cpe:2.3:o:suse:suse_linux:7.0:-:ppc
  • cpe:2.3:o:suse:suse_linux:7.0:-:sparc
    cpe:2.3:o:suse:suse_linux:7.0:-:sparc
  • SuSE SuSE Linux 7.0 alpha
    cpe:2.3:o:suse:suse_linux:7.0:alpha
  • SuSE SuSE Linux 7.1
    cpe:2.3:o:suse:suse_linux:7.1
  • cpe:2.3:o:suse:suse_linux:7.1:-:spa
    cpe:2.3:o:suse:suse_linux:7.1:-:spa
  • cpe:2.3:o:suse:suse_linux:7.1:-:sparc
    cpe:2.3:o:suse:suse_linux:7.1:-:sparc
  • cpe:2.3:o:suse:suse_linux:7.1:-:x86
    cpe:2.3:o:suse:suse_linux:7.1:-:x86
  • SuSE SuSE Linux 7.1 alpha
    cpe:2.3:o:suse:suse_linux:7.1:alpha
  • SuSE SuSE Linux 7.2
    cpe:2.3:o:suse:suse_linux:7.2
  • cpe:2.3:o:suse:suse_linux:7.2:-:i386
    cpe:2.3:o:suse:suse_linux:7.2:-:i386
  • SuSE SuSE Linux 7.3
    cpe:2.3:o:suse:suse_linux:7.3
  • cpe:2.3:o:suse:suse_linux:7.3:-:i386
    cpe:2.3:o:suse:suse_linux:7.3:-:i386
  • cpe:2.3:o:suse:suse_linux:7.3:-:ppc
    cpe:2.3:o:suse:suse_linux:7.3:-:ppc
  • cpe:2.3:o:suse:suse_linux:7.3:-:sparc
    cpe:2.3:o:suse:suse_linux:7.3:-:sparc
  • SuSE SuSE Linux 8.0
    cpe:2.3:o:suse:suse_linux:8.0
  • cpe:2.3:o:suse:suse_linux:8.0:-:i386
    cpe:2.3:o:suse:suse_linux:8.0:-:i386
  • SuSE SuSE Linux 8.1
    cpe:2.3:o:suse:suse_linux:8.1
  • SuSE SuSE Linux 8.2
    cpe:2.3:o:suse:suse_linux:8.2
  • SuSE SuSE Linux 9.0
    cpe:2.3:o:suse:suse_linux:9.0
  • cpe:2.3:o:suse:suse_linux:9.0:-:x86_64
    cpe:2.3:o:suse:suse_linux:9.0:-:x86_64
  • SuSE SuSE Linux 9.1
    cpe:2.3:o:suse:suse_linux:9.1
  • cpe:2.3:o:suse:suse_linux:9.1:-:x86_64
    cpe:2.3:o:suse:suse_linux:9.1:-:x86_64
  • SuSE SuSE Linux 9.2
    cpe:2.3:o:suse:suse_linux:9.2
  • cpe:2.3:o:suse:suse_linux:9.2:-:x86_64
    cpe:2.3:o:suse:suse_linux:9.2:-:x86_64
CVSS
Base: 7.5 (as of 08-06-2005 - 15:23)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2005-007.NASL
    description The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products : - Apache 2 - AppKit - Bluetooth - CoreFoundation - CUPS - Directory Services - HItoolbox - Kerberos - loginwindow - Mail - MySQL - OpenSSL - QuartzComposerScreenSaver - ping - Safari - SecurityInterface - servermgrd - servermgr_ipfilter - SquirrelMail - traceroute - WebKit - WebLog Server - X11 - zlib
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 19463
    published 2005-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19463
    title Mac OS X Multiple Vulnerabilities (Security Update 2005-007)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-081.NASL
    description The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. An integer overflow flaw was found in libXPM, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code via a negative bitmap_unit value if opened by a victim using an application linked to the vulnerable library. Updated packages are patched to correct all these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 18235
    published 2005-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18235
    title Mandrake Linux Security Advisory : XFree86 (MDKSA-2005:081)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-412.NASL
    description Updated openmotif packages that fix a flaw in the Xpm image library are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenMotif provides libraries which implement the Motif industry standard graphical user interface. An integer overflow flaw was found in libXpm, which is used to decode XPM (X PixMap) images. A vulnerable version of this library was found within OpenMotif. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute arbitrary code if opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Users of OpenMotif are advised to upgrade to these erratum packages, which contain a backported security patch to the embedded libXpm library.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18253
    published 2005-05-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18253
    title RHEL 2.1 / 3 / 4 : openmotif (RHSA-2005:412)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119064-01.NASL
    description SunOS 5.10_x86: libXpm patch. Date this patch was last updated by Sun : May/12/05
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107807
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107807
    title Solaris 10 (x86) : 119064-01
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-412.NASL
    description Updated openmotif packages that fix a flaw in the Xpm image library are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenMotif provides libraries which implement the Motif industry standard graphical user interface. An integer overflow flaw was found in libXpm, which is used to decode XPM (X PixMap) images. A vulnerable version of this library was found within OpenMotif. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute arbitrary code if opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Users of OpenMotif are advised to upgrade to these erratum packages, which contain a backported security patch to the embedded libXpm library.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21820
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21820
    title CentOS 3 / 4 : openmotif (CESA-2005:412)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200503-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-200503-08 (OpenMotif, LessTif: New libXpm buffer overflows) Chris Gilbert discovered potentially exploitable buffer overflow cases in libXpm that weren't fixed in previous libXpm security advisories. Impact : A carefully-crafted XPM file could crash applications making use of the OpenMotif or LessTif toolkits, potentially allowing the execution of arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 17274
    published 2005-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17274
    title GLSA-200503-08 : OpenMotif, LessTif: New libXpm buffer overflows
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-080.NASL
    description The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. An integer overflow flaw was found in libXPM, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code via a negative bitmap_unit value if opened by a victim using an application linked to the vulnerable library. Updated packages are patched to correct all these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 18173
    published 2005-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18173
    title Mandrake Linux Security Advisory : xpm (MDKSA-2005:080)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-198.NASL
    description Updated xorg-x11 packages that fix a security issue as well as various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. X.Org X11 is the X Window System which provides the core functionality of the Linux GUI desktop. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with libXpm to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Since the initial release of Red Hat Enterprise Linux 4, a number of issues have been addressed in the X.Org X11 X Window System. This erratum also updates X11R6.8 to the latest stable point release (6.8.2), which includes various stability and reliability fixes including (but not limited to) the following : - The 'radeon' driver has been modified to disable 'RENDER' acceleration by default, due to a bug in the implementation which has not yet been isolated. This can be manually re-enabled by using the following option in the device section of the X server config file : Option 'RenderAccel' - The 'vmware' video driver is now available on 64-bit AMD64 and compatible systems. - The Intel 'i810' video driver is now available on 64-bit EM64T systems. - Stability fixes in the X Server's PCI handling layer for 64-bit systems, which resolve some issues reported by 'vesa' and 'nv' driver users. - Support for Hewlett Packard's Itanium ZX2 chipset. - Nvidia 'nv' video driver update provides support for some of the newer Nvidia chipsets, as well as many stability and reliability fixes. - Intel i810 video driver stability update, which fixes the widely reported i810/i815 screen refresh issues many have experienced. - Packaging fixes for multilib systems, which permit both 32-bit and 64-bit X11 development environments to be simultaneously installed without file conflicts. In addition to the above highlights, the X.Org X11 6.8.2 release has a large number of additional stability fixes which resolve various other issues reported since the initial release of Red Hat Enterprise Linux 4. All users of X11 should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21921
    published 2006-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21921
    title CentOS 4 : xorg-x11 (CESA-2005:198)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-97-1.NASL
    description Chris Gilbert discovered a buffer overflow in the XPM library shipped with XFree86. If an attacker tricked a user into loading a malicious XPM image with an application that uses libxpm, he could exploit this to execute arbitrary code with the privileges of the user opening the image. These overflows do not allow privilege escalation through the X server; the overflows are in a client-side library. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-25
    plugin id 20723
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20723
    title Ubuntu 4.10 : xfree86 vulnerability (USN-97-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-723.NASL
    description A buffer overflow has been discovered in the Xpm library which is used in XFree86. A remote attacker could provide a specially crafted XPM image that could lead to the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 18227
    published 2005-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18227
    title Debian DSA-723-1 : xfree86 - buffer overflow
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-198.NASL
    description Updated xorg-x11 packages that fix a security issue as well as various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. X.Org X11 is the X Window System which provides the core functionality of the Linux GUI desktop. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with libXpm to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Since the initial release of Red Hat Enterprise Linux 4, a number of issues have been addressed in the X.Org X11 X Window System. This erratum also updates X11R6.8 to the latest stable point release (6.8.2), which includes various stability and reliability fixes including (but not limited to) the following : - The 'radeon' driver has been modified to disable 'RENDER' acceleration by default, due to a bug in the implementation which has not yet been isolated. This can be manually re-enabled by using the following option in the device section of the X server config file : Option 'RenderAccel' - The 'vmware' video driver is now available on 64-bit AMD64 and compatible systems. - The Intel 'i810' video driver is now available on 64-bit EM64T systems. - Stability fixes in the X Server's PCI handling layer for 64-bit systems, which resolve some issues reported by 'vesa' and 'nv' driver users. - Support for Hewlett Packard's Itanium ZX2 chipset. - Nvidia 'nv' video driver update provides support for some of the newer Nvidia chipsets, as well as many stability and reliability fixes. - Intel i810 video driver stability update, which fixes the widely reported i810/i815 screen refresh issues many have experienced. - Packaging fixes for multilib systems, which permit both 32-bit and 64-bit X11 development environments to be simultaneously installed without file conflicts. In addition to the above highlights, the X.Org X11 6.8.2 release has a large number of additional stability fixes which resolve various other issues reported since the initial release of Red Hat Enterprise Linux 4. All users of X11 should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18443
    published 2005-06-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18443
    title RHEL 4 : xorg-x11 (RHSA-2005:198)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-331.NASL
    description Updated XFree86 packages that fix a libXpm integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. XFree86 is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. The updated XFree86 packages also address the following minor issues : - Updated XFree86-4.3.0-keyboard-disable-ioport-access-v3.patch to make warning messages less alarmist. - Backported XFree86-4.3.0-libX11-stack-overflow.patch from xorg-x11-6.8.1 packaging to fix stack overflow in libX11, which was discovered by new security features of gcc4. Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17660
    published 2005-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17660
    title RHEL 3 : XFree86 (RHSA-2005:331)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119063-01.NASL
    description SunOS 5.10: libXpm patch. Date this patch was last updated by Sun : May/12/05
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107305
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107305
    title Solaris 10 (sparc) : 119063-01
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0261.NASL
    description Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal security review, a cross-site scripting flaw was found that affected the Red Hat Network channel search feature. (CVE-2007-5961) This release also corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server. In a typical operating environment, these components are not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments. Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting, denial-of-service, or information disclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197, CVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388) A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349) A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329) Multiple cross-site scripting flaws were fixed in the image map feature in the JFreeChart package. (CVE-2007-6306) Multiple flaws were fixed in the IBM Java 1.4.2 Runtime. (CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) Two arbitrary code execution flaws were fixed in the OpenMotif package. (CVE-2005-3964, CVE-2005-0605) A flaw which could result in weak encryption was fixed in the perl-Crypt-CBC package. (CVE-2006-0898) Multiple flaws were fixed in the Tomcat package. (CVE-2008-0128, CVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355, CVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195, CVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510) Users of Red Hat Network Satellite Server 5.0 are advised to upgrade to 5.0.2, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43835
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43835
    title RHEL 4 : Satellite Server (RHSA-2008:0261)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-044.NASL
    description Updated XFree86 packages that fix a libXpm integer overflow flaw and a number of bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. XFree86 is an open source implementation of the X Window System. It provides the basic low level functionality which full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. XFree86 4.1.0 was not functional on systems that did not have a legacy keyboard controller (8042). During startup, the X server would attempt to update registers on the 8042 controller, but if that chip was not present, the X server would hang during startup. This new release has a workaround so that the access to those registers time out if they are not present. A bug in libXaw could cause applications to segfault on 64-bit systems under certain circumstances. This has been fixed with a patch backported from XFree86 4.3.0. Xlib contained a memory leak caused by double allocation, which has been fixed in XFree86 4.3.0 using backported patch. All users of XFree86 should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17994
    published 2005-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17994
    title RHEL 2.1 : XFree86 (RHSA-2005:044)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2005-273.NASL
    description An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Furthermore, this updates the Fedora Core 3 X.org packages to the 6.8.2 maintenance release, which includes a large number of bug fixes : http://xorg.freedesktop.org/wiki/X11R682Release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 19641
    published 2005-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19641
    title Fedora Core 3 : xorg-x11-6.8.2-1.FC3.13 (2005-273)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0524.NASL
    description Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server 4.2. In a typical operating environment, these components are not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments. Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting, denial-of-service, or information disclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197, CVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388) A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349) A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329) Multiple cross-site scripting flaws were fixed in the image map feature in the JFreeChart package. (CVE-2007-6306) Multiple flaws were fixed in the IBM Java 1.4.2 Runtime. (CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) Multiple flaws were fixed in the OpenMotif package. (CVE-2004-0687, CVE-2004-0688, CVE-2004-0914, CVE-2005-3964, CVE-2005-0605) A flaw which could result in weak encryption was fixed in the perl-Crypt-CBC package. (CVE-2006-0898) Multiple flaws were fixed in the Tomcat package. (CVE-2008-0128, CVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355, CVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195, CVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510) Users of Red Hat Network Satellite Server 4.2 are advised to upgrade to 4.2.3, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43837
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43837
    title RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2005-272.NASL
    description An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 18328
    published 2005-05-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18328
    title Fedora Core 2 : xorg-x11-6.7.0-14 (2005-272)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-331.NASL
    description Updated XFree86 packages that fix a libXpm integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. XFree86 is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. The updated XFree86 packages also address the following minor issues : - Updated XFree86-4.3.0-keyboard-disable-ioport-access-v3.patch to make warning messages less alarmist. - Backported XFree86-4.3.0-libX11-stack-overflow.patch from xorg-x11-6.8.1 packaging to fix stack overflow in libX11, which was discovered by new security features of gcc4. Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21804
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21804
    title CentOS 3 : XFree86 (CESA-2005:331)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-92-1.NASL
    description Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image. Ubuntu does not contain any server applications using LessTif, so there is no possibility of privilege escalation. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20718
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20718
    title Ubuntu 4.10 : lesstif1-1 vulnerabilities (USN-92-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-473.NASL
    description Updated lesstif packages that fix flaws in the Xpm library are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having Moderate security impact by the Red Hat Security Response Team. LessTif provides libraries which implement the Motif industry standard graphical user interface. An integer overflow flaw was found in libXpm; a vulnerable version of this library is found within LessTif. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to LessTif. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0605 to this issue. Users of LessTif should upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18390
    published 2005-05-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18390
    title RHEL 2.1 : lesstif (RHSA-2005:473)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200503-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-200503-15 (X.org: libXpm vulnerability) Chris Gilbert has discovered potentially exploitable buffer overflow cases in libXpm that weren't fixed in previous libXpm versions. Impact : A carefully-crafted XPM file could crash X.org, potentially allowing the execution of arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 17317
    published 2005-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17317
    title GLSA-200503-15 : X.org: libXpm vulnerability
oval via4
accepted 2013-04-29T04:05:25.886-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
family unix
id oval:org.mitre.oval:def:10411
status accepted
submitted 2010-07-09T03:56:16-04:00
title scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
version 23
redhat via4
advisories
  • rhsa
    id RHSA-2005:044
  • rhsa
    id RHSA-2005:198
  • rhsa
    id RHSA-2005:331
  • rhsa
    id RHSA-2005:412
  • rhsa
    id RHSA-2005:473
  • rhsa
    id RHSA-2008:0261
refmap via4
apple
  • APPLE-SA-2005-08-15
  • APPLE-SA-2005-08-17
bid 12714
confirm
debian DSA-723
fedora FLSA-2006:152803
gentoo
  • GLSA-200503-08
  • GLSA-200503-15
sco
  • SCOSA-2005.57
  • SCOSA-2006.5
sectrack 1013339
secunia
  • 14460
  • 18049
  • 18316
  • 19624
sgi 20060403-01-U
ubuntu
  • USN-92-1
  • USN-97-1
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 21-08-2010 - 00:26
Published 02-03-2005 - 00:00
Last modified 03-10-2018 - 17:29