CVE-2004-0688

Published: 20 October 2004

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

Priority

Unknown

Status

Package Release Status
lesstif1-1
Launchpad, Ubuntu, Debian
Upstream Needs triage

lesstif2
Launchpad, Ubuntu, Debian
Upstream Needs triage

openmotif
Launchpad, Ubuntu, Debian
Upstream Needs triage

xorg
Launchpad, Ubuntu, Debian
Upstream Needs triage