Vulnerability Note VU#882750

libXpm image library vulnerable to buffer overflow

Original Release date: 30 Sep 2004 | Last revised: 12 May 2005

Overview

The libXpm image-parsing code contains a buffer overflow vulnerability that may allow an attacker to cause a denial-of-service condition or execute arbitrary code.

Description

X PixMap (XPM) is an image format used on the X Window System, version 11 (X11). libXpm is a library of functions used to manipulate XPM images. There is a stack-based buffer overflow vulnerability in the xpmParseColors() function, which decodes the color information stored within an XPM image. Malicious users may be able to exploit this vulnerability by supplying the xpmParseColors() function with a specially crafted XPM image file. Applications that receive input from remote sources may be remotely exploitable.

Any program that uses the libXpm library may be affected by this issue. Users are encouraged to contact their vendors to determine if they are vulnerable.
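
As an added illustration (not code from libXpm, X.org, or this note), the following C example parses the color-definition part of an XPM color line with every copy bounded by the destination size, rejecting an over-long color name instead of writing past a stack buffer. The helper names, the COLOR_MAX limit, and the sample input are assumptions made for this example; the note does not describe the flaw at this level of detail.

```c
#include <stdio.h>
#include <string.h>
#define COLOR_MAX 64 /* assumed limit for this example, not a libXpm constant */

/* Hypothetical helper: append src[0..n) to dst (capacity cap); -1 if it cannot fit. */
static int append_word(char *dst, size_t cap, const char *src, size_t n)
{
    size_t used = strlen(dst), sep = used ? 1 : 0;
    if (n >= cap - used - sep)      /* need room for separator + n bytes + NUL */
        return -1;
    if (sep) dst[used++] = ' ';
    memcpy(dst + used, src, n);
    dst[used + n] = '\0';
    return 0;
}

static int is_key(const char *w, size_t n)
{
    /* XPM color keys: mono, symbolic, 4-level gray, gray, color */
    static const char *keys[] = { "m", "s", "g4", "g", "c" };
    for (size_t i = 0; i < sizeof keys / sizeof keys[0]; i++)
        if (strlen(keys[i]) == n && memcmp(keys[i], w, n) == 0)
            return 1;
    return 0;
}

/* Copy the (possibly multi-word) value of the "c" key from defs into out.
 * Returns 0 on success, -1 if the key is absent or the value does not fit. */
int parse_color_c(const char *defs, char *out, size_t cap)
{
    int in_c = 0;
    if (cap == 0) return -1;
    out[0] = '\0';
    for (;;) {
        defs += strspn(defs, " \t");
        size_t n = strcspn(defs, " \t");
        if (n == 0) break;
        if (is_key(defs, n)) {
            in_c = (n == 1 && defs[0] == 'c');
        } else if (in_c && append_word(out, cap, defs, n) != 0) {
            out[0] = '\0';          /* reject the line; never overflow or truncate */
            return -1;
        }
        defs += n;
    }
    return out[0] ? 0 : -1;
}

int main(void)
{
    char name[COLOR_MAX]; /* the input below is constructed sample data */
    int rc = parse_color_c("c light sky blue m white", name, sizeof name);
    return printf("rc=%d color=\"%s\"\n", rc, name) < 0;
}
```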

Impact

Specific impacts depend on the application being attacked. Potential consequences range from abrupt and abnormal program termination to the execution of arbitrary code with the privileges of the compromised program.

Solution

Apply a Patch for X11 Version 6.8.0

The X.org Foundation has released a general patch to address this issue in 6.8.0 available at:


Several vendors of relevant or derived implementations have released patches to address this vulnerability; please contact those vendors for further details.

Upgrade X11

This issue has been corrected in X11 version 6.8.1.

Systems Affected

Vendor                   Status    Date Notified  Date Updated
Debian                   Affected  23 Sep 2004    11 Oct 2004
FreeBSD                  Affected  23 Sep 2004    11 Oct 2004
SuSE Inc.                Affected  23 Sep 2004    30 Sep 2004
Apple Computer Inc.      Unknown   23 Sep 2004    11 Oct 2004
BSDI                     Unknown   -              11 Oct 2004
Conectiva                Unknown   -              11 Oct 2004
Cray Inc.                Unknown   23 Sep 2004    11 Oct 2004
EMC Corporation          Unknown   -              11 Oct 2004
Engarde                  Unknown   -              11 Oct 2004
F5 Networks              Unknown   -              30 Sep 2004
Fujitsu                  Unknown   -              11 Oct 2004
Gentoo                   Unknown   -              11 Oct 2004
Hewlett-Packard Company  Unknown   -              11 Oct 2004
Hitachi                  Unknown   -              11 Oct 2004
IBM                      Unknown   -              11 Oct 2004

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

Thanks to Chris Evans for reporting this vulnerability.

This document was written by Jeff Gennari.

Other Information

  • CVE IDs: CAN-2004-0687
  • Date Public: 16 Sep 2004
  • Date First Published: 30 Sep 2004
  • Date Last Updated: 12 May 2005
  • Severity Metric: 5.07
  • Document Revision: 94

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.