|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA12549] X11 libXpm XPM Image Decoding Vulnerabilities
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Thu Sep 16 2004 - 08:25:56 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
X11 libXpm XPM Image Decoding Vulnerabilities
SECUNIA ADVISORY ID:
SA12549
VERIFY ADVISORY:
http://secunia.com/advisories/12549/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
X Window System 11 (X11) 6.x
http://secunia.com/product/3913/
DESCRIPTION:
Chris Evans has reported multiple vulnerabilities in libXpm, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
1) A boundary error within the "xpmParseColors()" function can be
exploited to cause a stack-based buffer overflow when a specially
crafted XPM file is processed.
Successful exploitation may potentially allow execution of arbitrary
code.
2) Various input validation errors can be exploited to cause integer
overflows when a specially crafted XPM file is processed.
Successful exploitation causes an affected application to crash and
may potentially also allow arbitrary code execution.
SOLUTION:
Update to version 6.8.1 or apply patch.
Patch for version 6.8.0.
http://www.x.org/pub/X11R6.8.0/patches/xorg-CAN-2004-0687-0688.patch
PROVIDED AND/OR DISCOVERED BY:
Chris Evans
ORIGINAL ADVISORY:
X.Org:
http://www.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch
Chris Evans:
http://scary.beasts.org/security/CESA-2004-003.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]