CVE-2004-0914 — Vulnetix

CVE-2004-0914 PUBLISHED

Reported by mitre · Published December 15, 2004

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, n/a

Timeline

Dec 15, 2004 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 17, 2023 EPSS Score
Sep 8, 2023 EPSS Score
Oct 30, 2023 EPSS Score

References

RHSA-2005:004 vendor-advisoryx_refsource_REDHAT
libxpm-directory-traversal(18146) vdb-entryx_refsource_XF
USN-83-1 vendor-advisoryx_refsource_UBUNTU
RHSA-2004:537 vendor-advisoryx_refsource_REDHAT
libxpm-image-bo(18142) vdb-entryx_refsource_XF
13224 third-party-advisoryx_refsource_SECUNIA
oval:org.mitre.oval:def:9943 vdb-entrysignaturex_refsource_OVAL
FEDORA-2004-433 vendor-advisoryx_refsource_FEDORA
x_refsource_CONFIRM
RHSA-2004:610 vendor-advisoryx_refsource_REDHAT
libxpm-improper-memory-access(18144) vdb-entryx_refsource_XF
GLSA-200502-07 vendor-advisoryx_refsource_GENTOO
FLSA-2006:152803 vendor-advisoryx_refsource_FEDORA
DSA-607 vendor-advisoryx_refsource_DEBIAN
11694 vdb-entryx_refsource_BID
GLSA-200502-06 vendor-advisoryx_refsource_GENTOO
USN-83-2 vendor-advisoryx_refsource_UBUNTU
HPSBTU01228 vendor-advisoryx_refsource_HP
MDKSA-2004:137 vendor-advisoryx_refsource_MANDRAKE
GLSA-200411-28 vendor-advisoryx_refsource_GENTOO

…and 2 more

Open in Interactive Console →