CVE Database

CVE-2004-0914

Impact: Moderate
Public: 2004-09-15
Bugzilla: 430516: CVE-2004-0914 openmotif21 stack overflows in libxpm

Details

The MITRE CVE dictionary describes this issue as:

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

Find out more about CVE-2004-0914 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat security errata

| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux version 2.1 (XFree86) | RHSA-2004:610 | December 20, 2004 |
| Red Hat Enterprise Linux version 2.1 (lesstif) | RHSA-2005:004 | January 12, 2005 |
| Red Hat Enterprise Linux version 2.1 (openmotif) | RHSA-2004:537 | December 02, 2004 |
| Red Hat Enterprise Linux version 3 | RHSA-2004:537 | December 02, 2004 |
| Red Hat Enterprise Linux version 3 (XFree86) | RHSA-2004:612 | December 20, 2004 |
| Red Hat Satellite v 4.2 (RHEL v.3 AS) | RHSA-2008:0524 | June 30, 2008 |
| Red Hat Satellite v 4.2 (RHEL v.4 AS) | RHSA-2008:0524 | June 30, 2008 |

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.