CVE-2005-0605

Lesstif - Buffer Overflow

Title source: rule

Description

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

References (27)

[Various Sources] ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt

[Various Sources] ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt

[Patch, Vendor Advisory] http://bugs.gentoo.org/show_bug.cgi?id=83598

[Patch, Vendor Advisory] http://bugs.gentoo.org/show_bug.cgi?id=83655

[Mailing List] http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

[Mailing List] http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

[Patch, Vendor Advisory] http://security.gentoo.org/glsa/glsa-200503-08.xml

[Patch, Vendor Advisory] http://securitytracker.com/id?1013339

[Patch, Vendor Advisory] http://www.debian.org/security/2005/dsa-723

[Patch, Vendor Advisory] http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml

[Vendor Advisory] http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-044.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-198.html

[Patch, Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-331.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2008-0261.html

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/12714

[Vendor Advisory] https://bugs.freedesktop.org/attachment.cgi?id=1909

[Vendor Advisory] https://usn.ubuntu.com/92-1/

[Vendor Advisory] https://usn.ubuntu.com/97-1/

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-412.html

... and 7 more

Scores

EPSS 0.0284

EPSS Percentile 86.0%

Classification

Status draft

Affected Products (50)

lesstif/lesstif

sgi/propack

x.org/x11r6

x.org/x11r6

x.org/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

xfree86_project/x11r6

... and 35 more

Timeline

Published Mar 02, 2005

Tracked Since Feb 18, 2026