CVE-2004-0817
NONE EPSS 91.0%
Published Dec 31, 200421y ago ยท Modified Jun 16, 20262w ago
Published Dec 31, 2004 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
Threat Intelligence
EPSS Exploit Probability
91.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 73
| Vendor | Product | Version | Range |
|---|---|---|---|
| enlightenment | imlib | 1.9 | any |
| enlightenment | imlib | 1.9.1 | any |
| enlightenment | imlib | 1.9.2 | any |
| enlightenment | imlib | 1.9.3 | any |
| enlightenment | imlib | 1.9.4 | any |
| enlightenment | imlib | 1.9.5 | any |
| enlightenment | imlib | 1.9.6 | any |
| enlightenment | imlib | 1.9.7 | any |
| enlightenment | imlib | 1.9.8 | any |
| enlightenment | imlib | 1.9.9 | any |
| enlightenment | imlib | 1.9.10 | any |
| enlightenment | imlib | 1.9.11 | any |
| enlightenment | imlib | 1.9.12 | any |
| enlightenment | imlib | 1.9.13 | any |
| enlightenment | imlib | 1.9.14 | any |
| enlightenment | imlib2 | 1.0 | any |
| enlightenment | imlib2 | 1.0.1 | any |
| enlightenment | imlib2 | 1.0.2 | any |
| enlightenment | imlib2 | 1.0.3 | any |
| enlightenment | imlib2 | 1.0.4 | any |
| enlightenment | imlib2 | 1.0.5 | any |
| enlightenment | imlib2 | 1.1 | any |
| enlightenment | imlib2 | 1.1.1 | any |
| imagemagick | imagemagick | 5.3.3 | any |
| imagemagick | imagemagick | 5.4.3 | any |
| imagemagick | imagemagick | 5.4.4.5 | any |
| imagemagick | imagemagick | 5.4.7 | any |
| imagemagick | imagemagick | 5.4.8 | any |
| imagemagick | imagemagick | 5.4.8.2.1.1.0 | any |
| imagemagick | imagemagick | 5.5.3.2.1.2.0 | any |
| imagemagick | imagemagick | 5.5.6.0_2003-04-09 | any |
| imagemagick | imagemagick | 5.5.7 | any |
| imagemagick | imagemagick | 6.0.2 | any |
| sun | java_desktop_system | 2.0 | any |
| sun | java_desktop_system | 2003 | any |
| conectiva | linux | 9.0 | any |
| conectiva | linux | 10.0 | any |
| mandrakesoft | mandrake_linux | 9.2 | any |
| mandrakesoft | mandrake_linux | 9.2 | any |
| mandrakesoft | mandrake_linux | 10.0 | any |
| mandrakesoft | mandrake_linux | 10.0 | any |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | any |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux_desktop | 3.0 | any |
| redhat | fedora_core | core_1.0 | any |
| redhat | fedora_core | core_2.0 | any |
| redhat | fedora_core | core_3.0 | any |
| redhat | linux_advanced_workstation | 2.1 | any |
| redhat | linux_advanced_workstation | 2.1 | any |
| suse | suse_linux | 8.0 | any |
| suse | suse_linux | 8.0 | any |
| suse | suse_linux | 8.1 | any |
| suse | suse_linux | 8.2 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.1 | any |
| suse | suse_linux | 9.2 | any |
| turbolinux | turbolinux_desktop | 10.0 | any |
| turbolinux | turbolinux_server | 7.0 | any |
| turbolinux | turbolinux_server | 8.0 | any |
| turbolinux | turbolinux_workstation | 7.0 | any |
| turbolinux | turbolinux_workstation | 8.0 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
References 9
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870
- sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
- debian.org http://www.debian.org/security/2004/dsa-548
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:089
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-465.html
- securityfocus.com http://www.securityfocus.com/bid/11084
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17182
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843
Remediation
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870
- debian.org http://www.debian.org/security/2004/dsa-548
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-465.html
- securityfocus.com http://www.securityfocus.com/bid/11084