VDB
CVE-2004-0688
CVE-2004-0688
PUBLISHED
Reported by mitre · Published September 24, 2004
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Sep 24, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 1, 2023 EPSS Score
References
- VU#537878 third-party-advisoryx_refsource_CERT-VN
- RHSA-2005:004 vendor-advisoryx_refsource_REDHAT
- USN-27-1 vendor-advisoryx_refsource_UBUNTU
- ADV-2006-1914 vdb-entryx_refsource_VUPEN
- GLSA-200409-34 vendor-advisoryx_refsource_GENTOO
- TA05-136A third-party-advisoryx_refsource_CERT
- MDKSA-2004:098 vendor-advisoryx_refsource_MANDRAKE
- HPSBUX02119 vendor-advisoryx_refsource_HP
- RHSA-2004:537 vendor-advisoryx_refsource_REDHAT
- 20040915 CESA-2004-004: libXpm mailing-listx_refsource_BUGTRAQ
- DSA-560 vendor-advisoryx_refsource_DEBIAN
- oval:org.mitre.oval:def:11796 vdb-entrysignaturex_refsource_OVAL
- x_refsource_MISC
- APPLE-SA-2005-05-03 vendor-advisoryx_refsource_APPLE
- CLA-2005:924 vendor-advisoryx_refsource_CONECTIVA
- SUSE-SA:2004:034 vendor-advisoryx_refsource_SUSE
- libxpm-xpmfile-integer-overflow(17416) vdb-entryx_refsource_XF
- 11196 vdb-entryx_refsource_BID
- GLSA-200502-07 vendor-advisoryx_refsource_GENTOO
- x_refsource_CONFIRM
…and 3 more