5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
88.9%
XFree86 is an open source implementation of the X Window System. It
provides the basic low-level functionality that full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.
Several integer overflow bugs were found in the way XFree86 parses pixmap
images. It is possible for a user to gain elevated privileges by loading a
specially crafted pixmap image. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2005-2495 to this issue.
Users of XFree86 should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | xfree86-iso8859-15-75dpi-fonts | <Â 4.1.0-73.EL | XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm |
RedHat | any | ia64 | xfree86-iso8859-15-100dpi-fonts | <Â 4.1.0-73.EL | XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm |
RedHat | any | ia64 | xfree86-xnest | <Â 4.1.0-73.EL | XFree86-Xnest-4.1.0-73.EL.ia64.rpm |
RedHat | any | i386 | xfree86-xnest | <Â 4.1.0-73.EL | XFree86-Xnest-4.1.0-73.EL.i386.rpm |
RedHat | any | ia64 | xfree86-75dpi-fonts | <Â 4.1.0-73.EL | XFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm |
RedHat | any | i386 | xfree86-iso8859-9-100dpi-fonts | <Â 4.1.0-73.EL | XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm |
RedHat | any | i386 | xfree86-xf86cfg | <Â 4.1.0-73.EL | XFree86-xf86cfg-4.1.0-73.EL.i386.rpm |
RedHat | any | i386 | xfree86-doc | <Â 4.1.0-73.EL | XFree86-doc-4.1.0-73.EL.i386.rpm |
RedHat | any | i386 | xfree86-tools | <Â 4.1.0-73.EL | XFree86-tools-4.1.0-73.EL.i386.rpm |
RedHat | any | ia64 | xfree86-xfs | <Â 4.1.0-73.EL | XFree86-xfs-4.1.0-73.EL.ia64.rpm |