CVE-2004-0688
Published: 20 October 2004
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Priority
Status
Package | Release | Status |
---|---|---|
lesstif1-1 Launchpad, Ubuntu, Debian |
dapper |
Released
(0.93.94-12)
|
edgy |
Released
(0.93.94-12)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
lesstif2 Launchpad, Ubuntu, Debian |
dapper |
Released
(0.94.4-1)
|
edgy |
Released
(0.94.4-1)
|
|
feisty |
Released
(0.94.4-1)
|
|
upstream |
Needs triage
|
|
openmotif Launchpad, Ubuntu, Debian |
dapper |
Released
(2.2.3-1.2ubuntu2)
|
edgy |
Released
(2.2.3-1.2ubuntu2)
|
|
feisty |
Released
(2.2.3-1.2ubuntu2)
|
|
upstream |
Needs triage
|
|
xorg Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
upstream |
Needs triage
|