CVE-2004-0914
published 2005-01-10
CVE-2004-0914: Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds…
Priority P431 · critical · 10 · CVSS 2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS 8.70% · 94.5th percentile
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
Affected
37 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| lesstif | lesstif | — | — |
| redhat | fedora_core | — | — |
| redhat | fedora_core | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| x.org | x11r6 | — | — |
| x.org | x11r6 | — | — |
| x.org | x11r6 | — | — |
| xfree86_project | x11r6 | — | — |
| xfree86_project | x11r6 | — | — |
| xfree86_project | x11r6 | — | — |
| xfree86_project | x11r6 | — | — |
CVSS provenance
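| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vendor_redhat | — | 10.0 | CRITICAL | — |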
Ubuntu
LessTif 1 vulnerabilities
vendor_ubuntu·2005-09-13
USN-83-1 fixed some vulnerabilities in the "lesstif2" library. The
older "lesstif1" library was also affected, however, a fix was not yet
available at that time. This USN fixes the flaws for lesstif1.
Please note that there are no supported applications that use this
library, so this only affects you if you use third-party applications
which use lesstif1.
For your convenience, here is the relevant part of the USN-83-1
description:
Several vulnerabilities have been found in the XPM image decoding
functions of the LessTif library. If an attacker tricked a user into
loading a malicious XPM image with an application that uses LessTif,
he could exploit this to execute arbitrary code in the context of
the user opening the i
Ubuntu
LessTif 2 vulnerabilities
vendor_ubuntu·2005-02-16
Several vulnerabilities have been found in the XPM image decoding
functions of the LessTif library. If an attacker tricked a user into
loading a malicious XPM image with an application that uses LessTif,
he could exploit this to execute arbitrary code in the context of the
user opening the image.
Ubuntu does not contain any server applications using LessTif, so
there is no possibility of privilege escalation.
Please note that this update only fixes lesstif2. The older lesstif1
version is also affected. A proper fix for lesstif1 will still take
some time and will be done in a separate USN. However, no Ubuntu
application uses lesstif1, so this could only affect you if you use
third party software which depends on this li
Red Hat
openmotif21 stack overflows in libxpm
vendor_redhat·2004-09-15·CVSS 10.0
CVE-2004-0914 [CRITICAL] openmotif21 stack overflows in libxpm
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
GHSA
GHSA-p8cv-44qj-63q8: Multiple vulnerabilities in libXpm for 6
ghsa_unreviewed·2022-04-29
CVE-2004-0914 [HIGH] GHSA-p8cv-44qj-63q8: Multiple vulnerabilities in libXpm for 6
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2004-0914 openmotif21 stack overflows in libxpm
bugzilla·2008-01-28·CVSS 10.0
CVE-2004-0914 [CRITICAL] CVE-2004-0914 openmotif21 stack overflows in libxpm
Common Vulnerabilities and Exposures assigned an identifier CVE-2004-0914 to the following vulnerability:
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
References:
http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-09
Bugzilla
CAN-2004-0687 libxpm flaws affect OpenMotif (CAN-2004-0688, CAN-2004-0914)
bugzilla·2004-10-05
[MEDIUM] CAN-2004-0687 libxpm flaws affect OpenMotif (CAN-2004-0688, CAN-2004-0914)
During a source code audit, Chris Evans discovered several stack
overflow flaws and an integer overflow flaw in the libXpm library used
to decode XPM (X PixMap) images. A vulnerable version of this library
was found within OpenMotif. An attacker could create a carefully crafted
XPM file which would cause an application to crash or potentially
execute arbitrary code if opened by a victim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
names CAN-2004-0687 and CAN-2004-0688 to these issues.
Thomas Woerner discovered that OpenMotif had embedded an old libxpm
library that is vulnerable to these issues.
CAN-2004-0687/8 Affects: 2.1AS 2.1ES 2.1WS 2.1AW
CAN-2004-0687/8 Affects: 3AS 3WS
References:
http://rhn.redhat.com/errata/RHSA-2004-537.html
http://secunia.com/advisories/13224/
http://www.debian.org/security/2004/dsa-607
http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml
http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml
http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml
http://www.linuxsecurity.com/content/view/106877/102/
http://www.mandriva.com/security/advisories?name=MDKSA-2004:137
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
http://www.redhat.com/support/errata/RHSA-2004-610.html
http://www.redhat.com/support/errata/RHSA-2005-004.html
http://www.securityfocus.com/bid/11694
http://www.ubuntu.com/usn/usn-83-1
http://www.ubuntu.com/usn/usn-83-2
http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228
https://exchange.xforce.ibmcloud.com/vulnerabilities/18142
https://exchange.xforce.ibmcloud.com/vulnerabilities/18144
https://exchange.xforce.ibmcloud.com/vulnerabilities/18145
https://exchange.xforce.ibmcloud.com/vulnerabilities/18146
https://exchange.xforce.ibmcloud.com/vulnerabilities/18147
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943