CVE Vulnerabilities

CVE-2004-0687

Published: Oct 20, 2004 | Modified: Jan 20, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

Affected Software

Name Vendor Start Version End Version
X11r6 Xfree86_project 4.1.0 4.1.0
X11r6 Xfree86_project 3.3.6 3.3.6
X11r6 Xfree86_project 4.0.2.11 4.0.2.11
X11r6 Xfree86_project 4.0.3 4.0.3
X11r6 X.org 6.7.0 6.7.0
X11r6 Xfree86_project 4.3.0 4.3.0
X11r6 Xfree86_project 4.2.1 4.2.1
X11r6 X.org 6.8 6.8
X11r6 Xfree86_project 4.0 4.0
X11r6 Xfree86_project 4.0.1 4.0.1
X11r6 Xfree86_project 4.2.0 4.2.0
X11r6 Xfree86_project 4.1.12 4.1.12
X11r6 Xfree86_project 4.2.1 4.2.1
X11r6 Xfree86_project 4.1.11 4.1.11

References