Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-0605

Published: 02/03/2005 Updated: 03/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to X11r6

Vulnerability Summary

scan.c for LibXPM may allow malicious users to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

Vulnerable Product Search on Vulmon Subscribe to Product

x.org x11r6 6.8

x.org x11r6 6.8.1

xfree86 project x11r6 3.3

xfree86 project x11r6 4.0.1

xfree86 project x11r6 4.0.2.11

xfree86 project x11r6 4.2.1

xfree86 project x11r6 4.3.0

sgi propack 3.0

x.org x11r6 6.7.0

xfree86 project x11r6 3.3.6

xfree86 project x11r6 4.0

xfree86 project x11r6 4.2.0

lesstif lesstif 0.93.94

xfree86 project x11r6 3.3.4

xfree86 project x11r6 3.3.5

xfree86 project x11r6 4.1.11

xfree86 project x11r6 4.1.12

xfree86 project x11r6 3.3.2

xfree86 project x11r6 3.3.3

xfree86 project x11r6 4.0.3

xfree86 project x11r6 4.1.0

xfree86 project x11r6 4.3.0.1

xfree86 project x11r6 4.3.0.2

mandrakesoft mandrake linux 10.0

mandrakesoft mandrake linux 10.1

redhat enterprise linux 3.0

redhat fedora core core_2.0

redhat fedora core core_3.0

suse suse linux 6.4

suse suse linux 7.1

suse suse linux 7.3

suse suse linux 9.1

altlinux alt linux 2.3

mandrakesoft mandrake linux corporate server 3.0

redhat enterprise linux desktop 3.0

redhat enterprise linux desktop 4.0

suse suse linux 6.3

suse suse linux 7.0

suse suse linux 7.2

suse suse linux 9.0

mandrakesoft mandrake linux corporate server 2.1

redhat enterprise linux 4.0

suse suse linux 6.2

suse suse linux 8.0

suse suse linux 8.1

suse suse linux 8.2

mandrakesoft mandrake linux 10.2

suse suse linux 6.1

suse suse linux 9.2

Vendor Advisories

Ubuntu Security Notice: xfree86 vulnerability
Chris Gilbert discovered a buffer overflow in the XPM library shipped with XFree86 If an attacker tricked a user into loading a malicious XPM image with an application that uses libxpm, he could exploit this to execute arbitrary code with the privileges of the user opening the image ...
Ubuntu Security Notice: lesstif1-1 vulnerabilities
Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image ...
Red Hat: openmotif security update
Synopsis openmotif security update Type/Severity Security Advisory: Moderate Topic Updated openmotif packages that fix a flaw in the Xpm image library are nowavailableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description OpenMotif p ...
Red Hat: XFree86 security update
Synopsis XFree86 security update Type/Severity Security Advisory: Moderate Topic Updated XFree86 packages that fix a libXpm integer overflow flaw and anumber of bugs are now availableThis update has been rated as having moderate security impact by the Red HatSecurity Response Team Description ...
Red Hat: XFree86 security update
Synopsis XFree86 security update Type/Severity Security Advisory: Moderate Topic Updated XFree86 packages that fix a libXpm integer overflow flaw are nowavailableThis update has been rated as having moderate security impact by the Red HatSecurity Response Team Description XFree86 is an op ...
Red Hat: xorg-x11 security update
Synopsis xorg-x11 security update Type/Severity Security Advisory: Moderate Topic Updated xorg-x11 packages that fix a security issue as well as various bugsare now available for Red Hat Enterprise Linux 4This update has been rated as having moderate security impact by the RedHat Security Response Team ...

References

NVD-CWE-Otherhttps://bugs.freedesktop.org/attachment.cgi?id=1909http://security.gentoo.org/glsa/glsa-200503-08.xmlhttp://www.gentoo.org/security/en/glsa/glsa-200503-15.xmlhttp://bugs.gentoo.org/show_bug.cgi?id=83655http://bugs.gentoo.org/show_bug.cgi?id=83598http://www.redhat.com/support/errata/RHSA-2005-331.htmlhttp://securitytracker.com/id?1013339http://www.securityfocus.com/bid/12714http://www.debian.org/security/2005/dsa-723http://www.redhat.com/support/errata/RHSA-2005-412.htmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txthttp://secunia.com/advisories/14460http://secunia.com/advisories/18049ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txthttp://secunia.com/advisories/18316http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.htmlhttp://www.redhat.com/support/errata/RHSA-2005-044.htmlhttp://www.redhat.com/support/errata/RHSA-2005-198.htmlhttp://www.redhat.com/support/errata/RHSA-2005-473.htmlftp://patches.sgi.com/support/free/security/advisories/20060403-01-Uhttp://secunia.com/advisories/19624http://www.redhat.com/support/errata/RHSA-2008-0261.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411https://usn.ubuntu.com/97-1/https://usn.ubuntu.com/92-1/https://nvd.nist.govhttps://usn.ubuntu.com/97-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook