{"vuid":"VU#882750","idnumber":"882750","name":"libXpm image library vulnerable to buffer overflow","keywords":["libXpm","buffer overflow","X11","XPM","X PixMap","X Windows","apple_security_update_2005_005"],"overview":"libXpm image parsing code contains a buffer overflow vulnerability that may allow an attacker to cause a denial-of-service condition or execute arbitrary code.","clean_desc":"X PixMap (XPM) is a format for encoding and decoding images on the X Windows System 11 (X11). libXpm is a library of functions used to manipulate XPM images. There is a stack-based buffer overflow vulnerability in the xpmParseColors() function. This function is used to decode color information stored within a XPM image. Malicious users may be able to exploit this vulnerability by supplying the xpmParseColors() function with a specially crafted XPM image file. Applications that receive input from remote sources may be remotely exploitable. Any program that uses the libXpm library may be affected by this issue. Users are encouraged to contact their vendors to determine if they are vulnerable.","impact":"Specific impacts depend on the application being attacked. Potential consequences range from abrupt and abnormal program termination to the execution of arbitrary code with the privileges of the compromised program.","resolution":"Apply a Patch for X11 Version 6.8.0 The X.org Foundation has released a general patch to address this issue in 6.8.0 available at: http://www.x.org/pub/X11R6.8.0/patches/xorg-CAN-2004-0687-0688.patch Several vendors of relevant or derived implementations have released patches to address this vulnerability; please contact those vendors for further details. Upgrade X11 This issue has been corrected in X11 version 6.8.1.","workarounds":"","sysaffected":"","thanks":"Thanks to Chris Evans for reporting this vulnerability.","author":"This document was written by Jeff Gennari.","public":["http://scary.beasts.org/security/CESA-2004-003.txt","http://secunia.com/advisories/12542/","http://www.securitytracker.com/alerts/2004/Sep/1011324.html","http://www.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch","http://www.osvdb.org/displayvuln.php?osvdb_id=10029","http://www.osvdb.org/displayvuln.php?osvdb_id=10028"],"cveids":["CVE-2004-0687"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-09-16T13:37:01Z","publicdate":"2004-09-16T00:00:00Z","datefirstpublished":"2004-09-30T18:55:35Z","dateupdated":"2005-05-12T19:33:44Z","revision":100,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"16","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"13","cam_easeofexploitation":"9","cam_attackeraccessrequired":"11","cam_scorecurrent":"5.0675625","cam_scorecurrentwidelyknown":"6.0328125","cam_scorecurrentwidelyknownexploited":"10.8590625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.0675625,"vulnote":null}