Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm prior to 6.8.1 may allow remote malicious users to execute arbitrary code via a malformed XPM image file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xfree86 project x11r6 4.0.3 |
||
xfree86 project x11r6 4.1.0 |
||
xfree86 project x11r6 4.0.1 |
||
xfree86 project x11r6 4.0.2.11 |
||
xfree86 project x11r6 4.2.1 |
||
xfree86 project x11r6 4.3.0 |
||
x.org x11r6 6.7.0 |
||
x.org x11r6 6.8 |
||
xfree86 project x11r6 4.1.11 |
||
xfree86 project x11r6 4.1.12 |
||
xfree86 project x11r6 3.3.6 |
||
xfree86 project x11r6 4.0 |
||
xfree86 project x11r6 4.2.0 |
||
openbsd openbsd 3.4 |
||
suse suse linux 9.0 |
||
suse suse linux 9.1 |
||
openbsd openbsd 3.5 |
||
suse suse linux 8.1 |
||
suse suse linux 8.2 |
||
suse suse linux 8 |