CVE Vulnerabilities

CVE-2004-0687

Published: Oct 20, 2004 | Modified: Jan 20, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

Affected Software

Name Vendor Start Version End Version
X11r6 X.org 6.7.0 (including) 6.7.0 (including)
X11r6 X.org 6.8 (including) 6.8 (including)
X11r6 Xfree86_project 3.3.6 (including) 3.3.6 (including)
X11r6 Xfree86_project 4.0 (including) 4.0 (including)
X11r6 Xfree86_project 4.0.1 (including) 4.0.1 (including)
X11r6 Xfree86_project 4.0.2.11 (including) 4.0.2.11 (including)
X11r6 Xfree86_project 4.0.3 (including) 4.0.3 (including)
X11r6 Xfree86_project 4.1.0 (including) 4.1.0 (including)
X11r6 Xfree86_project 4.1.11 (including) 4.1.11 (including)
X11r6 Xfree86_project 4.1.12 (including) 4.1.12 (including)
X11r6 Xfree86_project 4.2.0 (including) 4.2.0 (including)
X11r6 Xfree86_project 4.2.1 (including) 4.2.1 (including)
X11r6 Xfree86_project 4.3.0 (including) 4.3.0 (including)
Openmotif Ubuntu dapper *
Openmotif Ubuntu devel *
Openmotif Ubuntu edgy *
Openmotif Ubuntu feisty *
Red Hat Enterprise Linux 3 RedHat XFree86-0:4.3.0-69.EL *
Red Hat Enterprise Linux 3 RedHat openmotif-0:2.2.3-4.RHEL3.4 *
Red Hat Enterprise Linux 3 RedHat openmotif21-0:2.1.30-9.RHEL3.4 *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *
Red Hat Network Satellite Server v 4.2 RedHat jabberd-0:2.0s10-3.38.rhn *
Red Hat Network Satellite Server v 4.2 RedHat java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4 *
Red Hat Network Satellite Server v 4.2 RedHat jfreechart-0:0.9.20-3.rhn *
Red Hat Network Satellite Server v 4.2 RedHat openmotif21-0:2.1.30-11.RHEL4.6 *
Red Hat Network Satellite Server v 4.2 RedHat perl-Crypt-CBC-0:2.24-1.el4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-apache-0:1.3.27-36.rhn.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-modjk-0:1.2.23-2rhn.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-modperl-0:1.29-16.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-modssl-0:2.8.12-8.rhn.10.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat tomcat5-0:5.0.30-0jpp_10rh *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat jabberd-0:2.0s10-3.37.rhn *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat jfreechart-0:0.9.20-3.rhn *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat openmotif21-0:2.1.30-9.RHEL3.8 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat perl-Crypt-CBC-0:2.24-1.el3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-apache-0:1.3.27-36.rhn.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-modjk-0:1.2.23-2rhn.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-modperl-0:1.29-16.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-modssl-0:2.8.12-8.rhn.10.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat tomcat5-0:5.0.30-0jpp_10rh *

References