libXpm CreateXImage Function Integer Overflow

2004-09-15T00:00:00
ID OSVDB:10032
Type osvdb
Reporter Chris Evans (chris@scary.beasts.org)
Modified 2004-09-15T00:00:00

Description

Vulnerability Description

An integer overflow exists in libXpm. The CreateXImage function takes the image dimensions read from an XPM file and uses them in the arithmetic that sizes the image it creates without first checking that the values are sane, so the computed size can wrap. A specially crafted XPM file therefore crashes the program that parses it, causing a denial of service. OSVDB records this as a local issue because the attacker supplies a file rather than a network request, but any program that loads untrusted XPM images (for example a toolkit linked against libXpm that displays an image received by mail or fetched from the web) is exposed.
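The size calculation this record describes, as an added example for this entry rather than libXpm's own code: a parser for the XPM "<Values>" line ("width height ncolors chars_per_pixel", which is the real format) feeds an unchecked width*height*bytes_per_pixel product next to a version that checks every multiplication and applies a cap. The function names, the 256 MiB cap and the sample values lines are assumptions made for the demonstration.

```c
/*
 * Added example for this OSVDB record; not libXpm code. Function names,
 * the MAX_IMAGE_BYTES cap and the sample inputs are assumptions.
 */
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_IMAGE_BYTES ((size_t)256 << 20)   /* assumed policy cap: 256 MiB */

typedef struct {
    unsigned int width, height, ncolors, cpp;
} xpm_values;

/* Parse one unsigned decimal field; reject signs, empty fields, zero and
 * anything wider than unsigned int. Advances *p past the field on success. */
static int parse_field(const char **p, unsigned int *out)
{
    const char *s = *p;
    char *end;
    unsigned long val;

    while (*s == ' ' || *s == '\t')
        s++;
    if (*s < '0' || *s > '9')          /* also rejects "-1", which strtoul would accept */
        return -1;
    errno = 0;
    val = strtoul(s, &end, 10);
    if (errno != 0 || val == 0 || val > UINT_MAX)
        return -1;
    *out = (unsigned int)val;
    *p = end;
    return 0;
}

/* Parse the XPM <Values> line "width height ncolors cpp". 0 on success. */
int parse_xpm_values(const char *line, xpm_values *v)
{
    const char *p = line;
    if (parse_field(&p, &v->width) || parse_field(&p, &v->height) ||
        parse_field(&p, &v->ncolors) || parse_field(&p, &v->cpp))
        return -1;
    while (*p == ' ' || *p == '\t')
        p++;
    return *p == '\0' ? 0 : -1;          /* trailing garbage is an error */
}

/* The bug class: the product silently wraps modulo 2^32, so a huge image
 * can come out as a tiny (even zero) buffer size. */
unsigned int unchecked_image_bytes(unsigned int width, unsigned int height,
                                   unsigned int bytes_per_pixel)
{
    return width * height * bytes_per_pixel;
}

/* The fix: test each multiplication against SIZE_MAX before doing it, then
 * cap the result so an arithmetically valid multi-gigabyte image is refused
 * too. Returns 0 and stores the size, or -1 if the request must be rejected. */
int checked_image_bytes(unsigned int width, unsigned int height,
                        unsigned int bytes_per_pixel, size_t *out)
{
    size_t pixels, bytes;

    if (width == 0 || height == 0 || bytes_per_pixel == 0)
        return -1;
    if ((size_t)width > SIZE_MAX / height)
        return -1;
    pixels = (size_t)width * height;
    if (pixels > SIZE_MAX / bytes_per_pixel)
        return -1;
    bytes = pixels * bytes_per_pixel;
    if (bytes > MAX_IMAGE_BYTES)
        return -1;
    *out = bytes;
    return 0;
}

/* Wrappers over a <Values> line. Both return 0 for a malformed line;
 * demo_checked also returns 0 when the size is rejected (a valid image never
 * needs 0 bytes, so 0 is unambiguous here). */
unsigned int demo_unchecked(const char *values_line, unsigned int bytes_per_pixel)
{
    xpm_values v;
    if (parse_xpm_values(values_line, &v) != 0)
        return 0;
    return unchecked_image_bytes(v.width, v.height, bytes_per_pixel);
}

size_t demo_checked(const char *values_line, unsigned int bytes_per_pixel)
{
    xpm_values v;
    size_t bytes;
    if (parse_xpm_values(values_line, &v) != 0)
        return 0;
    if (checked_image_bytes(v.width, v.height, bytes_per_pixel, &bytes) != 0)
        return 0;
    return bytes;
}

int main(void)
{
    /* Constructed inputs: a benign 8x4 image and a crafted 65536x65536 one. */
    const char *benign = "8 4 2 1";
    const char *crafted = "65536 65536 1 1";

    printf("benign : unchecked=%u checked=%zu\n",
           demo_unchecked(benign, 4), demo_checked(benign, 4));
    printf("crafted: unchecked=%u checked=%zu (0 = rejected)\n",
           demo_unchecked(crafted, 1), demo_checked(crafted, 1));
    return 0;
}
```

With the crafted line the unchecked product is 65536 * 65536 = 2^32, which wraps to 0 in 32-bit unsigned arithmetic, so a caller that allocated that many bytes and then wrote the pixel data would run off the end of the buffer; the checked version refuses the request before any allocation happens. The parser rejects signed fields because strtoul accepts "-1" and returns ULONG_MAX, which on a 32-bit unsigned long passes a plain range check.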

Solution Description

Upgrade to X.Org X11R6.8.1 or later, which is reported to fix this issue; for 6.8.0 the vendor patch for CAN-2004-0687 and CAN-2004-0688 listed in the references addresses it. Distribution vendors (Red Hat, Debian, Gentoo, Mandrake, SUSE, Conectiva, Sun and Apple) shipped their own updates, also listed below. An upgrade or patch is required, as there are no known workarounds.

References:

Vendor URL: http://www.x.org/
Secunia Advisory IDs: 12549, 12553, 12554, 12574, 12579, 12583, 12652, 12653, 12727, 12763, 12777, 12781, 12782, 13098, 13347, 13350, 13351, 13353, 13835, 14156, 14301, 15227, 16601, 20235
Related OSVDB IDs: 10026, 10027, 10028, 10029, 10030, 10031, 10033, 10034, 10035 (10032 is this entry)
RedHat RHSA: RHSA-2005:004-12
RedHat RHSA: RHSA-2004:478
Other Advisory URL: http://www.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch
Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
Other Advisory URL: http://www.debian.org/security/2004/dsa-561
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200502-07.xml
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:099
Other Advisory URL: http://sourceforge.net/mailarchive/forum.php?thread_id=5594360&forum_id=30340
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200410-09.xml
Other Advisory URL: http://www.ics.com/developers/index.php?cont=xpm_security_alert
Other Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-537.html
Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000924
Other Advisory URL: http://docs.info.apple.com/article.html?artnum=301528
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:098
Other Advisory URL: http://www.suse.de/de/security/2004_34_xfree86_libs_xshared.html
Other Advisory URL: http://scary.beasts.org/security/CESA-2004-003.txt
Other Advisory URL: http://www.debian.org/security/2004/dsa-560
Other Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:124
ISS X-Force ID: 17416
CVE: CVE-2004-0688
CERT VU: 537878
Bugtraq ID: 13480