CVE-2004-0688 — Vulnetix

Try Vulnetix Request Demo

CVE-2004-0688 PUBLISHED

Reported by mitre · Published September 24, 2004

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, n/a

Timeline

Sep 24, 2004 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

VU#537878 third-party-advisoryx_refsource_CERT-VN
RHSA-2005:004 vendor-advisoryx_refsource_REDHAT
USN-27-1 vendor-advisoryx_refsource_UBUNTU
ADV-2006-1914 vdb-entryx_refsource_VUPEN
GLSA-200409-34 vendor-advisoryx_refsource_GENTOO
TA05-136A third-party-advisoryx_refsource_CERT
MDKSA-2004:098 vendor-advisoryx_refsource_MANDRAKE
HPSBUX02119 vendor-advisoryx_refsource_HP
RHSA-2004:537 vendor-advisoryx_refsource_REDHAT
20040915 CESA-2004-004: libXpm mailing-listx_refsource_BUGTRAQ
DSA-560 vendor-advisoryx_refsource_DEBIAN
oval:org.mitre.oval:def:11796 vdb-entrysignaturex_refsource_OVAL
x_refsource_MISC
APPLE-SA-2005-05-03 vendor-advisoryx_refsource_APPLE
CLA-2005:924 vendor-advisoryx_refsource_CONECTIVA
SUSE-SA:2004:034 vendor-advisoryx_refsource_SUSE
libxpm-xpmfile-integer-overflow(17416) vdb-entryx_refsource_XF
11196 vdb-entryx_refsource_BID
GLSA-200502-07 vendor-advisoryx_refsource_GENTOO
x_refsource_CONFIRM

…and 3 more

Open in Interactive Console →