{"vuid":"VU#537878","idnumber":"537878","name":"libXpm library contains multiple integer overflow vulnerabilities","keywords":["libXpm","integer overflow","XPM","XPixMap","X Windows","X11","apple_security_update_2005_005"],"overview":"libXpm contains multiple integer overflow vulnerabilities that may allow an attacker to cause a denial-of-service condition or execute arbitrary code.","clean_desc":"XPM is a format for encoding and decoding X PixMap images that is used in the X Windows System 11 (X11). libXpm is a library of functions used  to manipulate XPM images. Multiple libXpmroutines contain integer overflow vulnerabilities including, but not necessarily limited to, the following functions: xpmParseColors \nXpmCreateImageFromXpmImage\nCreateXImage\nParsePixels\nParseAndPutPixels\nParsePixels These issues are the result of insufficient validation of user-supplied data. Consequently, an attacker may be able to exploit these vulnerabilities by supplying an application using libXpm with a specially crafted XPM image. Applications that receive input from remote sources may be remotely exploitable. Any program that uses the libXpm library may be affected by this issue. Users are encouraged to contact their vendors to determine if they are vulnerable.","impact":"Specific impacts depend on the application and libXpm routine being attacked. Potential consequences range from abrupt and abnormal program termination to the execution of arbitrary code with the privileges of the compromised program.","resolution":"Apply a Patch for X11 Version 6.8.0 The X.org Foundation has released a patch to address this issue in version 6.8.0. In addition, several vendors of relevant or derived implementations have released patches to address this vulnerability; please contact those vendors for further details. Upgrade X11 This issue has been fixed in X11 version 6.8.1.","workarounds":"","sysaffected":"","thanks":"This vulnerability was publicly reported by Chris Evans.","author":"This document was written by Jeffrey Gennari.","public":["http://scary.beasts.org/security/CESA-2004-003.txt","http://secunia.com/advisories/12549/","http://www.securitytracker.com/alerts/2004/Sep/1011324.html","http://www.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch"],"cveids":["CVE-2004-0688"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-09-16T13:36:58Z","publicdate":"2004-09-16T00:00:00Z","datefirstpublished":"2004-09-30T18:55:02Z","dateupdated":"2005-10-06T12:50:10Z","revision":230,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"16","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"13","cam_easeofexploitation":"5","cam_attackeraccessrequired":"11","cam_scorecurrent":"2.8153125","cam_scorecurrentwidelyknown":"3.3515625","cam_scorecurrentwidelyknownexploited":"6.0328125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.8153125,"vulnote":null}