Chris Gilbert discovered a buffer overflow in the XPM library shipped with XFree86. If an attacker tricked a user into loading a malicious XPM image with an application that uses libxpm, he could exploit this to execute arbitrary code with the privileges of the user opening the image.
These overflows do not allow privilege escalation through the X server; the overflows are in a client-side library.
16 March 2005
A security issue affects these releases of Ubuntu and its derivatives:
Chris Gilbert discovered a buffer overflow in the XPM library shipped with XFree86. If an attacker tricked a user into loading a malicious XPM image with an application that uses libxpm, he could exploit this to execute arbitrary code with the privileges of the user opening the image.
These overflows do not allow privilege escalation through the X server; the overflows are in a client-side library.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.