CVE 2004-0687
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
Related bugs and status
CVE-2004-0687 (Candidate) is related to these bugs:
Bug #8260: libxpm4: Three exploitable overflows in XPM handling
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
8260 | libxpm4: Three exploitable overflows in XPM handling | libxpm (Ubuntu) | High | Invalid | ||
8260 | libxpm4: Three exploitable overflows in XPM handling | libxpm (Debian) | Unknown | Fix Released |
Bug #12635: multiple security holes in XPM code (CAN-2004-0914)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
12635 | multiple security holes in XPM code (CAN-2004-0914) | lesstif1-1 (Ubuntu) | High | Fix Released | ||
12635 | multiple security holes in XPM code (CAN-2004-0914) | lesstif1-1 (Debian) | Unknown | Fix Released |
Bug #13557: lesstif1-1: Further unfixed XPM buffer overflows (CAN-2005-0605)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
13557 | lesstif1-1: Further unfixed XPM buffer overflows (CAN-2005-0605) | lesstif1-1 (Ubuntu) | High | Fix Released | ||
13557 | lesstif1-1: Further unfixed XPM buffer overflows (CAN-2005-0605) | lesstif1-1 (Debian) | Unknown | Fix Released |
Bug #1187507: (open)motif should properly transition from libmotif3
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1187507 | (open)motif should properly transition from libmotif3 | motif (Ubuntu) | Low | Fix Released | ||
1187507 | (open)motif should properly transition from libmotif3 | motif (Debian) | Unknown | Fix Released | ||
1187507 | (open)motif should properly transition from libmotif3 | openmotif (Ubuntu Precise) | Undecided | Fix Released | ||
1187507 | (open)motif should properly transition from libmotif3 | openmotif (Ubuntu Quantal) | Undecided | Fix Released | ||
1187507 | (open)motif should properly transition from libmotif3 | openmotif (Ubuntu Raring) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.