Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6408-2
HistoryOct 23, 2023 - 5:39 p.m.

libxpm vulnerabilities

2023-10-2317:39:04
Google
osv.dev
20
libxpm
ubuntu
vulnerability
denial of service
remote attacker
execute arbitrary code

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

USN-6408-1 fixed several vulnerabilities in libXpm. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

Yair Mizrahi discovered that libXpm incorrectly handled certain malformed
XPM image files. If a user were tricked into opening a specially crafted
XPM image file, a remote attacker could possibly use this issue to consume
memory, leading to a denial of service. (CVE-2023-43786)

Yair Mizrahi discovered that libXpm incorrectly handled certain malformed
XPM image files. If a user were tricked into opening a specially crafted
XPM image file, a remote attacker could use this issue to cause libXpm to
crash, leading to a denial of service, or possibly execute arbitrary code.
(CVE-2023-43787)

Alan Coopersmith discovered that libXpm incorrectly handled certain
malformed XPM image files. If a user were tricked into opening a specially
crafted XPM image file, a remote attacker could possibly use this issue to
cause libXpm to crash, leading to a denial of service. (CVE-2023-43788,
CVE-2023-43789)

Related

nessus 84
openvas 57
cloudfoundry 3
osv 15
ubuntu 3
debian 4
fedora 5
amazon 2
slackware 2
oraclelinux 6
almalinux 5
redhat 5
mageia 2
rocky 1
freebsd 2
rosalinux 1
githubexploit 1
redos 1
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM : libXpm vulnerabilities (USN-6408-2)
2023-10-23 00:00:00
Oracle Linux 9 : libXpm (ELSA-2024-2146)
2024-05-06 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : libXpm vulnerabilities (USN-6408-1)
2023-10-03 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3603-1)
2023-10-06 00:00:00
Ubuntu: Security Advisory (USN-6408-2)
2023-10-24 00:00:00
Ubuntu: Security Advisory (USN-6408-1)
2023-10-04 00:00:00
cloudfoundry
cloudfoundry
USN-6408-1: libXpm vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
USN-6407-2: libx11 vulnerabilities | Cloud Foundry
2023-11-09 00:00:00
USN-6407-1: libx11 vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
osv
osv
libxpm vulnerabilities
2023-10-03 17:06:43
Moderate: motif security update
2024-04-30 00:00:00
Moderate: libXpm security update
2024-06-14 13:59:30
ubuntu
ubuntu
libXpm vulnerabilities
2023-10-23 00:00:00
libXpm vulnerabilities
2023-10-03 00:00:00
libx11 vulnerabilities
2023-10-03 00:00:00
debian
debian
[SECURITY] [DLA 3603-1] libxpm security update
2023-10-05 11:09:57
[SECURITY] [DSA 5516-1] libxpm security update
2023-10-05 18:17:01
[SECURITY] [DSA 5517-1] libx11 security update
2023-10-05 18:18:00
fedora
fedora
[SECURITY] Fedora 39 Update: libXpm-3.5.17-1.fc39
2023-11-03 18:53:48
[SECURITY] Fedora 39 Update: libX11-1.8.7-1.fc39
2023-10-07 03:24:34
[SECURITY] Fedora 37 Update: motif-2.3.4-30.fc37
2023-12-05 16:27:45
amazon
amazon
Medium: libXpm
2023-10-12 15:09:00
Medium: libXpm
2023-10-30 23:31:00
slackware
slackware
[slackware-security] libXpm
2023-10-03 22:25:46
[slackware-security] libX11
2023-10-03 22:25:17
oraclelinux
oraclelinux
motif security update
2024-05-23 00:00:00
libXpm security update
2024-05-02 00:00:00
motif security update
2024-05-02 00:00:00
almalinux
almalinux
Moderate: libXpm security update
2024-04-30 00:00:00
Moderate: libXpm security update
2024-05-22 00:00:00
Moderate: motif security update
2024-05-22 00:00:00
redhat
redhat
(RHSA-2024:2146) Moderate: libXpm security update
2024-04-30 06:14:52
(RHSA-2024:2974) Moderate: libXpm security update
2024-05-22 06:35:14
(RHSA-2024:3022) Moderate: motif security update
2024-05-22 06:35:23
mageia
mageia
Updated libxpm packages fix security vulnerabilities
2023-10-20 11:34:20
Updated libX11 packages fix security vulnerabilities
2023-10-14 01:56:51
rocky
rocky
libXpm security update
2024-06-14 13:59:30
freebsd
freebsd
x11/libXpm multiple vulnerabilities
2023-09-22 00:00:00
11/libX11 multiple vulnerabilities
2023-09-22 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2412
2024-05-02 09:11:55
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in X.Org Libx11
2024-01-16 20:04:05
redos
redos
ROS-20231018-04
2023-10-18 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for OSV:USN-6408-2
nessus84openvas57cloudfoundry3osv15ubuntu3debian4fedora5amazon2slackware2oraclelinux6almalinux5redhat5mageia2rocky1freebsd2rosalinux1githubexploit1redos1