VDB

GCVE-110-MAGEIA-2017-35

GCVE-110-MAGEIA-2017-35
Advisory Published
Vulnetix · Advisory published February 2, 2017
An out of boundary write has been found in libXpm before 3.5.12 which can be exploited by an attacker through maliciously crafted XPM files. To trigger the vulnerability, a program must explicitly request to also parse XPM extensions while reading files. The motif toolkit and xdm are two among some programs that set the flag (XpmReturnExtensions). It can only be exploited on 64-bit systems (CVE-2016-10164).

Affected Products

VendorProductVersionsPlatforms
Mageiacinnamon-session0 (affected), 3.2.0-1.1.mga6 (unaffected)
Mageialibxpm0 (affected), 3.5.12-1.mga5 (unaffected), 3.5.12-1.mga5 (unaffected), 0 (affected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›