CVE-2004-0914 : Detail

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

Lesstif>>Lesstif >> Version 0.93

Lesstif>>Lesstif >> Version 0.93.12

Lesstif>>Lesstif >> Version 0.93.18

Lesstif>>Lesstif >> Version 0.93.34

Lesstif>>Lesstif >> Version 0.93.36

Lesstif>>Lesstif >> Version 0.93.40

Lesstif>>Lesstif >> Version 0.93.91

Lesstif>>Lesstif >> Version 0.93.94

Lesstif>>Lesstif >> Version 0.93.96

X.org>>X11r6 >> Version 6.7.0

X.org>>X11r6 >> Version 6.8

X.org>>X11r6 >> Version 6.8.1

Xfree86_project>>X11r6 >> Version 3.3

Xfree86_project>>X11r6 >> Version 3.3.2

Xfree86_project>>X11r6 >> Version 3.3.3

Xfree86_project>>X11r6 >> Version 3.3.4

Xfree86_project>>X11r6 >> Version 3.3.5

Xfree86_project>>X11r6 >> Version 3.3.6

Xfree86_project>>X11r6 >> Version 4.0

Xfree86_project>>X11r6 >> Version 4.0.1

Xfree86_project>>X11r6 >> Version 4.0.2.11

Xfree86_project>>X11r6 >> Version 4.0.3

Xfree86_project>>X11r6 >> Version 4.1.0

Xfree86_project>>X11r6 >> Version 4.1.11

Xfree86_project>>X11r6 >> Version 4.1.12

Xfree86_project>>X11r6 >> Version 4.2.0

Xfree86_project>>X11r6 >> Version 4.2.1

Xfree86_project>>X11r6 >> Version 4.2.1

Xfree86_project>>X11r6 >> Version 4.3.0

Configuraton 0

Gentoo>>Linux >> Version *

• Gentoo>>Linux >> Version - (Open CPE detail)
• Gentoo>>Linux >> Version 1.2 (Open CPE detail)
• Gentoo>>Linux >> Version 1.4 (Open CPE detail)
• Gentoo>>Linux >> Version 1.4 (Open CPE detail)
• Gentoo>>Linux >> Version 1.4 (Open CPE detail)
• Gentoo>>Linux >> Version 1.4 (Open CPE detail)
• Gentoo>>Linux >> Version 1.4 (Open CPE detail)
• Gentoo>>Linux >> Version 2.1.30 (Open CPE detail)
• Gentoo>>Linux >> Version 2.2.28 (Open CPE detail)
• Gentoo>>Linux >> Version 2.3.30 (Open CPE detail)

Redhat>>Fedora_core >> Version core_2.0

Redhat>>Fedora_core >> Version core_3.0

Suse>>Suse_linux >> Version 1.0

Suse>>Suse_linux >> Version 8

Suse>>Suse_linux >> Version 8.1

• Suse>>Suse_linux >> Version 8.1 (Open CPE detail)

Suse>>Suse_linux >> Version 8.2

• Suse>>Suse_linux >> Version 8.2 (Open CPE detail)

Suse>>Suse_linux >> Version 9.0

• Suse>>Suse_linux >> Version 9.0 (Open CPE detail)
• Suse>>Suse_linux >> Version 9.0 (Open CPE detail)

Suse>>Suse_linux >> Version 9.0

• Suse>>Suse_linux >> Version 9.0 (Open CPE detail)

Suse>>Suse_linux >> Version 9.1

• Suse>>Suse_linux >> Version 9.1 (Open CPE detail)

Suse>>Suse_linux >> Version 9.2

• Suse>>Suse_linux >> Version 9.2 (Open CPE detail)

References