7.5
CVE-2004-0688
- EPSS 7.25%
- Veröffentlicht 20.10.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Xfree86 Project ≫ X11r6 Version3.3.6
Xfree86 Project ≫ X11r6 Version4.0
Xfree86 Project ≫ X11r6 Version4.0.1
Xfree86 Project ≫ X11r6 Version4.0.2.11
Xfree86 Project ≫ X11r6 Version4.0.3
Xfree86 Project ≫ X11r6 Version4.1.0
Xfree86 Project ≫ X11r6 Version4.1.11
Xfree86 Project ≫ X11r6 Version4.1.12
Xfree86 Project ≫ X11r6 Version4.2.0
Xfree86 Project ≫ X11r6 Version4.2.1
Xfree86 Project ≫ X11r6 Version4.2.1 Editionerrata
Xfree86 Project ≫ X11r6 Version4.3.0
Suse ≫ Suse Linux Version8 Editionenterprise_server
Suse ≫ Suse Linux Version8.1
Suse ≫ Suse Linux Version8.2
Suse ≫ Suse Linux Version9.0
Suse ≫ Suse Linux Version9.0 Editionenterprise_server
Suse ≫ Suse Linux Version9.0 Editionx86_64
Suse ≫ Suse Linux Version9.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.25% | 0.935 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924
http://ftp.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch
http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
http://marc.info/?l=bugtraq&m=109530851323415&w=2
http://scary.beasts.org/security/CESA-2004-003.txt
http://secunia.com/advisories/20235
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1
http://www.debian.org/security/2004/dsa-560
http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:098
http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
http://www.redhat.com/support/errata/RHSA-2004-537.html
http://www.redhat.com/support/errata/RHSA-2005-004.html
http://www.securityfocus.com/archive/1/434715/100/0/threaded
http://www.securityfocus.com/bid/11196
http://www.us-cert.gov/cas/techalerts/TA05-136A.html
http://www.vupen.com/english/advisories/2006/1914
https://usn.ubuntu.com/27-1/
http://www.kb.cert.org/vuls/id/537878
https://exchange.xforce.ibmcloud.com/vulnerabilities/17416
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11796