10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.088 Low
EPSS
Percentile
94.6%
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in
XFree86 and other packages, include (1) multiple integer overflows, (2)
out-of-bounds memory accesses, (3) directory traversal, (4) shell
metacharacter, (5) endless loops, and (6) memory leaks, which could allow
remote attackers to obtain sensitive information, cause a denial of service
(application crash), or execute arbitrary code via a certain XPM image
file. NOTE: it is highly likely that this candidate will be SPLIT into
other candidates in the future, per CVE’s content decisions.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | lesstif1-1 | < 0.93.94-12 | UNKNOWN |
ubuntu | 6.10 | noarch | lesstif1-1 | < 0.93.94-12 | UNKNOWN |
ubuntu | 6.06 | noarch | lesstif2 | < 0.94.4-1 | UNKNOWN |
ubuntu | 6.10 | noarch | lesstif2 | < 0.94.4-1 | UNKNOWN |
ubuntu | 7.04 | noarch | lesstif2 | < 0.94.4-1 | UNKNOWN |
ubuntu | 6.06 | noarch | openmotif | < 2.2.3-1.2ubuntu2 | UNKNOWN |
ubuntu | 6.10 | noarch | openmotif | < 2.2.3-1.2ubuntu2 | UNKNOWN |
ubuntu | 7.04 | noarch | openmotif | < 2.2.3-1.2ubuntu2 | UNKNOWN |