CVE-2004-0914

Loading...

General

Score:10.0/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2004-0687, CVE-2004-0688, CVE-2004-0885, CVE-2005-0605, CVE-2005-2090, CVE-2005-3510, CVE-2005-3964, CVE-2005-4838, CVE-2006-0254, CVE-2006-0898, CVE-2006-1329, CVE-2006-3835, CVE-2006-5752, CVE-2006-7195, CVE-2006-7196, CVE-2006-7197, CVE-2007-0243, CVE-2007-0450, CVE-2007-1349, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-2435, CVE-2007-2449, CVE-2007-2450, CVE-2007-2788, CVE-2007-2789, CVE-2007-3304, CVE-2007-3382, CVE-2007-3385, CVE-2007-4465, CVE-2007-5000, CVE-2007-5461, CVE-2007-6306, CVE-2007-6388, CVE-2008-0128

Published on 10/01/05 - Updated on 11/10/17

Description

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

Category: N/A

NVD-CWE-Other (Other)
NVD is only using a subset of CWE for mapping instead of the entire CWE, and the weakness type is not covered by that subset.

Security Notices

US National Vulnerability DatabaseCVE-2004-0914
Redhat RHSA-2008:0524

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
gentoolinux
lesstiflesstif
redhatfedora_core
susesuse_linux
x.orgx11r6
xfree86_projectx11r6

Share this vulnerability with:

Twitter Facebook LinkedIn Mail