xpm -- image decoding vulnerabilities

Description:

Chris Evans discovered several vulnerabilities in the libXpm image decoder:

A stack-based buffer overflow in xpmParseColors
An integer overflow in xpmParseColors
A stack-based buffer overflow in ParsePixels and ParseAndPutPixels

The X11R6.8.1 release announcement reads:

This version is purely a security release, addressing multiple integer and stack overflows in libXpm, the X Pixmap library; all known versions of X (both XFree86 and X.Org) are affected, so all users of X are strongly encouraged to upgrade.

References:

CVE name CVE-2004-0687
CVE name CVE-2004-0688
URL: <http://freedesktop.org/pipermail/xorg/2004-September/003172.html>
URL: <http://scary.beasts.org/security/CESA-2004-003.txt>
CERT vulnerability note 537878
CERT vulnerability note 882750

Affects:

agenda-snow-libs >=0
linux_base >=0
open-motif-devel >=0
mupad >=0
zh-cle_base >=0
libXpm <3.5.1_1
XFree86-libraries <4.4.0_1
xorg-libraries <6.7.0_2
lesstif <0.93.96,2
xpm <3.4k_1
linux-openmotif <2.2.4
open-motif <2.2.3_1

portaudit: xpm -- image decoding vulnerabilities

Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.

If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Officer. Refer to "FreeBSD Security Information" for more information.

Oliver Eikemeier <eik@FreeBSD.org>