SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#882750

libXpm image library vulnerable to buffer overflow

Overview

libXpm image parsing code contains a buffer overflow vulnerability that may allow an attacker to cause a denial-of-service condition or execute arbitrary code.

I. Description

X PixMap (XPM) is a format for encoding and decoding images on the X Windows System 11 (X11). libXpm is a library of functions used to manipulate XPM images. There is a stack-based buffer overflow vulnerability in the xpmParseColors() function. This function is used to decode color information stored within a XPM image. Malicious users may be able to exploit this vulnerability by supplying the xpmParseColors() function with a specially crafted XPM image file. Applications that receive input from remote sources may be remotely exploitable.

Any program that uses the libXpm library may be affected by this issue. Users are encouraged to contact their vendors to determine if they are vulnerable.

II. Impact

Specific impacts depend on the application being attacked. Potential consequences range from abrupt and abnormal program termination to the execution of arbitrary code with the privileges of the compromised program.

III. Solution

Apply a Patch for X11 Version 6.8.0


The X.org Foundation has released a general patch to address this issue in 6.8.0 available at:


Several vendors of relevant or derived implementations have released patches to address this vulnerability; please contact those vendors for further details.

Upgrade X11

This issue has been corrected in X11 version 6.8.1.

Systems Affected
VendorStatusDate Updated
Apple Computer Inc.Unknown11-Oct-2004
BSDIUnknown11-Oct-2004
ConectivaUnknown11-Oct-2004
Cray Inc.Unknown11-Oct-2004
DebianVulnerable11-Oct-2004
eMC CorporationUnknown11-Oct-2004
EngardeUnknown11-Oct-2004
F5 NetworksUnknown30-Sep-2004
FreeBSDVulnerable11-Oct-2004
FujitsuUnknown11-Oct-2004
GentooUnknown11-Oct-2004
Hewlett-Packard CompanyUnknown11-Oct-2004
HitachiUnknown11-Oct-2004
IBMUnknown11-Oct-2004
IBM-zSeriesUnknown11-Oct-2004
IBM eServerUnknown11-Oct-2004
IMmunixUnknown11-Oct-2004
Ingrian NetworksUnknown11-Oct-2004
Juniper NetworksUnknown11-Oct-2004
MandrakeSoftUnknown11-Oct-2004
MontaVista SoftwareUnknown11-Oct-2004
NEC CorporationUnknown11-Oct-2004
NETBSDUnknown11-Oct-2004
NokiaUnknown11-Oct-2004
NovellUnknown11-Oct-2004
OpenBSDUnknown11-Oct-2004
Openwall GNU/*/LinuxUnknown11-Oct-2004
Red Hat Inc.Unknown11-Oct-2004
SCOUnknown11-Oct-2004
SequentUnknown11-Oct-2004
SGIUnknown11-Oct-2004
Sony CorporationUnknown11-Oct-2004
Sun Microsystems Inc.Unknown11-Oct-2004
SuSE Inc.Vulnerable30-Sep-2004
TurboLinuxUnknown11-Oct-2004
UnisysUnknown11-Oct-2004
Wind River Systems Inc.Unknown11-Oct-2004
X ConsortiumUnknown20-Sep-2004
X11Unknown20-Sep-2004

References


http://scary.beasts.org/security/CESA-2004-003.txt
http://secunia.com/advisories/12542/
http://www.securitytracker.com/alerts/2004/Sep/1011324.html
http://www.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch
http://www.osvdb.org/displayvuln.php?osvdb_id=10029
http://www.osvdb.org/displayvuln.php?osvdb_id=10028

Credit

Thanks to Chris Evans for reporting this vulnerability.

This document was written by Jeff Gennari.

Other Information

Date Public09/16/2004
Date First Published09/30/2004 02:55:35 PM
Date Last Updated05/12/2005
CERT Advisory 
CVE NameCAN-2004-0687
US-CERT Technical Alerts 
Metric5.07
Document Revision94

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2004 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader