Lucene search

[email protected]NVD:CVE-2004-0914

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-0914

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.088 Low

EPSS

Percentile

94.6%

JSON

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE’s content decisions.

Affected configurations

NVD

Node

lesstiflesstifMatch0.93

lesstiflesstifMatch0.93.12

lesstiflesstifMatch0.93.18

lesstiflesstifMatch0.93.34

lesstiflesstifMatch0.93.36

lesstiflesstifMatch0.93.40

lesstiflesstifMatch0.93.91

lesstiflesstifMatch0.93.94

lesstiflesstifMatch0.93.96

x.orgx11r6Match6.7.0

x.orgx11r6Match6.8

x.orgx11r6Match6.8.1

xfree86_projectx11r6Match3.3

xfree86_projectx11r6Match3.3.2

xfree86_projectx11r6Match3.3.3

xfree86_projectx11r6Match3.3.4

xfree86_projectx11r6Match3.3.5

xfree86_projectx11r6Match3.3.6

xfree86_projectx11r6Match4.0

xfree86_projectx11r6Match4.0.1

xfree86_projectx11r6Match4.0.2.11

xfree86_projectx11r6Match4.0.3

xfree86_projectx11r6Match4.1.0

xfree86_projectx11r6Match4.1.11

xfree86_projectx11r6Match4.1.12

xfree86_projectx11r6Match4.2.0

xfree86_projectx11r6Match4.2.1

xfree86_projectx11r6Match4.2.1errata

xfree86_projectx11r6Match4.3.0

Node

gentoolinux

redhatfedora_coreMatchcore_2.0

redhatfedora_coreMatchcore_3.0

susesuse_linuxMatch1.0desktop

susesuse_linuxMatch8enterprise_server

susesuse_linuxMatch8.1

susesuse_linuxMatch8.2

susesuse_linuxMatch9.0

susesuse_linuxMatch9.0enterprise_server

susesuse_linuxMatch9.1

susesuse_linuxMatch9.2

References

rhn.redhat.com/errata/RHSA-2004-537.html

secunia.com/advisories/13224/

www.debian.org/security/2004/dsa-607

www.gentoo.org/security/en/glsa/glsa-200411-28.xml

www.gentoo.org/security/en/glsa/glsa-200502-06.xml

www.gentoo.org/security/en/glsa/glsa-200502-07.xml

www.linuxsecurity.com/content/view/106877/102/

www.mandriva.com/security/advisories?name=MDKSA-2004:137

www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html

www.redhat.com/support/errata/RHSA-2004-610.html

www.redhat.com/support/errata/RHSA-2005-004.html

www.securityfocus.com/bid/11694

www.ubuntu.com/usn/usn-83-1

www.ubuntu.com/usn/usn-83-2

www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch

www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228

exchange.xforce.ibmcloud.com/vulnerabilities/18142

exchange.xforce.ibmcloud.com/vulnerabilities/18144

exchange.xforce.ibmcloud.com/vulnerabilities/18145

exchange.xforce.ibmcloud.com/vulnerabilities/18146

exchange.xforce.ibmcloud.com/vulnerabilities/18147

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.088 Low

EPSS

Percentile

94.6%

JSON

Related for NVD:CVE-2004-0914

cve1 openvas13 nessus19 gentoo3 ubuntucve1 ubuntu2 osv2 securityvulns1 debian4 redhat5 cvelist1 freebsd1