Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2005-01-09 21:00
Updated : 2017-10-10 18:29
NVD link : CVE-2004-0914
Mitre link : CVE-2004-0914
JSON object : View
CWE
Products Affected
lesstif
- lesstif
gentoo
- linux
suse
- suse_linux
redhat
- fedora_core
xfree86_project
- x11r6
x.org
- x11r6