Skip to navigation

CVE Database

CVE-2004-0688

Impact: Moderate
Public: 2004-09-15
Bugzilla: 430515: CVE-2004-0688 openmotif21 stack overflows in libxpm

Details

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

Find out more about CVE-2004-0688 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (XFree86) RHSA-2004:479 October 06, 2004
Red Hat Enterprise Linux version 2.1 (lesstif) RHSA-2005:004 January 12, 2005
Red Hat Enterprise Linux version 2.1 (openmotif) RHSA-2004:537 December 02, 2004
Red Hat Enterprise Linux version 3 RHSA-2004:537 December 02, 2004
Red Hat Enterprise Linux version 3 (XFree86) RHSA-2004:478 October 04, 2004
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 June 30, 2008
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 June 30, 2008

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.