CVE-2004-0688
Publication date 20 October 2004
Last updated 17 July 2025
Ubuntu priority
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Status
Package | Ubuntu Release | Status |
---|---|---|
lesstif1-1 | 7.04 feisty | Not in release |
6.10 edgy |
Fixed 0.93.94-12
|
|
6.06 LTS dapper |
Fixed 0.93.94-12
|
|
lesstif2 | 7.04 feisty |
Fixed 0.94.4-1
|
6.10 edgy |
Fixed 0.94.4-1
|
|
6.06 LTS dapper |
Fixed 0.94.4-1
|
|
openmotif | 7.04 feisty |
Fixed 2.2.3-1.2ubuntu2
|
6.10 edgy |
Fixed 2.2.3-1.2ubuntu2
|
|
6.06 LTS dapper |
Fixed 2.2.3-1.2ubuntu2
|
|
xorg | 7.04 feisty |
Not affected
|
6.10 edgy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|