CVE-2005-0605

10 documents6 sources

Severity

7.5HIGH

EPSS

2.8%

top 13.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Altlinux ALT Linux Lesstif Lesstif Mandrakesoft Mandrake Linux +8 more

Timeline

PublishedMar 2

Latest updateMay 3

Description

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages10 packages

▶NVDsgi/propack3.0

▶NVDx.org/x11r66.7.0, 6.8, 6.8.1+2

▶NVDlesstif/lesstif0.93.94

▶NVDsuse/suse_linux14 versions+13

▶NVDaltlinux/alt_linux2.3

Also affects: Enterprise Linux 3.0, 4.0

Patches

Patch: bugs.gentoo.org ↗Patch: bugs.gentoo.org ↗Patch: security.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-fcqj-f8qj-8gcp: scan↗2022-05-03

▶

CVEList

CVE-2005-0605: scan↗2005-03-04

▶

📋Vendor Advisories

Ubuntu

libxpm vulnerability↗2005-03-16

▶

Ubuntu

LessTif vulnerabilities↗2005-03-08

▶

Red Hat

libxpm buffer overflow↗2005-03-01

▶

💬Community

Bugzilla

CVE-2005-0605 libxpm buffer overflow↗2008-01-28

▶

Bugzilla

libXpm CAN-2005-0605↗2005-04-06

▶