ID CVE-2004-0914
Summary Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
References
Vulnerable Configurations
  • cpe:2.3:a:lesstif:lesstif:0.93:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.12:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.12:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.18:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.18:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.34:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.34:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.36:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.36:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.40:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.40:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.91:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.91:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:0.93.96:*:*:*:*:*:*:*
    cpe:2.3:a:lesstif:lesstif:0.93.96:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*
    cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
    cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:23:30.970-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
description Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
family unix
id oval:org.mitre.oval:def:9943
status accepted
submitted 2010-07-09T03:56:16-04:00
title Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
version 23
redhat via4
advisories
  • rhsa
    id RHSA-2004:537
  • rhsa
    id RHSA-2004:610
  • rhsa
    id RHSA-2005:004
refmap via4
bid 11694
confirm http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch
debian DSA-607
fedora
  • FEDORA-2004-433
  • FLSA-2006:152803
gentoo
  • GLSA-200411-28
  • GLSA-200502-06
  • GLSA-200502-07
hp HPSBTU01228
mandrake MDKSA-2004:137
secunia 13224
ubuntu
  • USN-83-1
  • USN-83-2
xf
  • libxpm-command-execution(18145)
  • libxpm-directory-traversal(18146)
  • libxpm-dos(18147)
  • libxpm-image-bo(18142)
  • libxpm-improper-memory-access(18144)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 11-10-2017 - 01:29
Published 10-01-2005 - 05:00
Back to Top