Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
X11r6 | X.org | 6.7.0 (including) | 6.7.0 (including) |
X11r6 | X.org | 6.8 (including) | 6.8 (including) |
X11r6 | Xfree86_project | 3.3.6 (including) | 3.3.6 (including) |
X11r6 | Xfree86_project | 4.0 (including) | 4.0 (including) |
X11r6 | Xfree86_project | 4.0.1 (including) | 4.0.1 (including) |
X11r6 | Xfree86_project | 4.0.2.11 (including) | 4.0.2.11 (including) |
X11r6 | Xfree86_project | 4.0.3 (including) | 4.0.3 (including) |
X11r6 | Xfree86_project | 4.1.0 (including) | 4.1.0 (including) |
X11r6 | Xfree86_project | 4.1.11 (including) | 4.1.11 (including) |
X11r6 | Xfree86_project | 4.1.12 (including) | 4.1.12 (including) |
X11r6 | Xfree86_project | 4.2.0 (including) | 4.2.0 (including) |
X11r6 | Xfree86_project | 4.2.1 (including) | 4.2.1 (including) |
X11r6 | Xfree86_project | 4.3.0 (including) | 4.3.0 (including) |
Lesstif1-1 | Ubuntu | dapper | * |
Lesstif1-1 | Ubuntu | edgy | * |
Lesstif2 | Ubuntu | dapper | * |
Lesstif2 | Ubuntu | devel | * |
Lesstif2 | Ubuntu | edgy | * |
Lesstif2 | Ubuntu | feisty | * |
Openmotif | Ubuntu | dapper | * |
Openmotif | Ubuntu | devel | * |
Openmotif | Ubuntu | edgy | * |
Openmotif | Ubuntu | feisty | * |
Red Hat Enterprise Linux 3 | RedHat | XFree86-0:4.3.0-69.EL | * |
Red Hat Enterprise Linux 3 | RedHat | openmotif-0:2.2.3-4.RHEL3.4 | * |
Red Hat Enterprise Linux 3 | RedHat | openmotif21-0:2.1.30-9.RHEL3.4 | * |
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
Red Hat Network Satellite Server v 4.2 | RedHat | jabberd-0:2.0s10-3.38.rhn | * |
Red Hat Network Satellite Server v 4.2 | RedHat | java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | jfreechart-0:0.9.20-3.rhn | * |
Red Hat Network Satellite Server v 4.2 | RedHat | openmotif21-0:2.1.30-11.RHEL4.6 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | perl-Crypt-CBC-0:2.24-1.el4 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | rhn-apache-0:1.3.27-36.rhn.rhel4 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | rhn-modjk-0:1.2.23-2rhn.rhel4 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | rhn-modperl-0:1.29-16.rhel4 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | rhn-modssl-0:2.8.12-8.rhn.10.rhel4 | * |
Red Hat Network Satellite Server v 4.2 | RedHat | tomcat5-0:5.0.30-0jpp_10rh | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | jabberd-0:2.0s10-3.37.rhn | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | jfreechart-0:0.9.20-3.rhn | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | openmotif21-0:2.1.30-9.RHEL3.8 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | perl-Crypt-CBC-0:2.24-1.el3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | rhn-apache-0:1.3.27-36.rhn.rhel3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | rhn-modjk-0:1.2.23-2rhn.rhel3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | rhn-modperl-0:1.29-16.rhel3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | rhn-modssl-0:2.8.12-8.rhn.10.rhel3 | * |
Red Hat Network Satellite Server v 4.2 (RHEL3) | RedHat | tomcat5-0:5.0.30-0jpp_10rh | * |