CVE-2004-0817

NONE EPSS 91.0%
Published Dec 31, 2004 (21y ago)
Last Modified Jun 16, 2026 (2w ago)

Description

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

Threat Intelligence

EPSS Exploit Probability
91.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 73

Vendor | Product | Version | Range
enlightenment | imlib | 1.9 | any
enlightenment | imlib | 1.9.1 | any
enlightenment | imlib | 1.9.2 | any
enlightenment | imlib | 1.9.3 | any
enlightenment | imlib | 1.9.4 | any
enlightenment | imlib | 1.9.5 | any
enlightenment | imlib | 1.9.6 | any
enlightenment | imlib | 1.9.7 | any
enlightenment | imlib | 1.9.8 | any
enlightenment | imlib | 1.9.9 | any
enlightenment | imlib | 1.9.10 | any
enlightenment | imlib | 1.9.11 | any
enlightenment | imlib | 1.9.12 | any
enlightenment | imlib | 1.9.13 | any
enlightenment | imlib | 1.9.14 | any
enlightenment | imlib2 | 1.0 | any
enlightenment | imlib2 | 1.0.1 | any
enlightenment | imlib2 | 1.0.2 | any
enlightenment | imlib2 | 1.0.3 | any
enlightenment | imlib2 | 1.0.4 | any
enlightenment | imlib2 | 1.0.5 | any
enlightenment | imlib2 | 1.1 | any
enlightenment | imlib2 | 1.1.1 | any
imagemagick | imagemagick | 5.3.3 | any
imagemagick | imagemagick | 5.4.3 | any
imagemagick | imagemagick | 5.4.4.5 | any
imagemagick | imagemagick | 5.4.7 | any
imagemagick | imagemagick | 5.4.8 | any
imagemagick | imagemagick | 5.4.8.2.1.1.0 | any
imagemagick | imagemagick | 5.5.3.2.1.2.0 | any
imagemagick | imagemagick | 5.5.6.0_2003-04-09 | any
imagemagick | imagemagick | 5.5.7 | any
imagemagick | imagemagick | 6.0.2 | any
sun | java_desktop_system | 2.0 | any
sun | java_desktop_system | 2003 | any
conectiva | linux | 9.0 | any
conectiva | linux | 10.0 | any
mandrakesoft | mandrake_linux | 9.2 | any
mandrakesoft | mandrake_linux | 9.2 | any
mandrakesoft | mandrake_linux | 10.0 | any
mandrakesoft | mandrake_linux | 10.0 | any
mandrakesoft | mandrake_linux_corporate_server | 2.1 | any
mandrakesoft | mandrake_linux_corporate_server | 2.1 | any
redhat | enterprise_linux | 2.1 | any
redhat | enterprise_linux | 2.1 | any
redhat | enterprise_linux | 2.1 | any
redhat | enterprise_linux | 2.1 | any
redhat | enterprise_linux | 2.1 | any
redhat | enterprise_linux | 2.1 | any
redhat | enterprise_linux | 3.0 | any
redhat | enterprise_linux | 3.0 | any
redhat | enterprise_linux | 3.0 | any
redhat | enterprise_linux_desktop | 3.0 | any
redhat | fedora_core | core_1.0 | any
redhat | fedora_core | core_2.0 | any
redhat | fedora_core | core_3.0 | any
redhat | linux_advanced_workstation | 2.1 | any
redhat | linux_advanced_workstation | 2.1 | any
suse | suse_linux | 8.0 | any
suse | suse_linux | 8.0 | any
suse | suse_linux | 8.1 | any
suse | suse_linux | 8.2 | any
suse | suse_linux | 9.0 | any
suse | suse_linux | 9.0 | any
suse | suse_linux | 9.1 | any
suse | suse_linux | 9.2 | any
turbolinux | turbolinux_desktop | 10.0 | any
turbolinux | turbolinux_server | 7.0 | any
turbolinux | turbolinux_server | 8.0 | any
turbolinux | turbolinux_workstation | 7.0 | any
turbolinux | turbolinux_workstation | 8.0 | any
ubuntu | ubuntu_linux | 4.1 | any
ubuntu | ubuntu_linux | 4.1 | any

References 9

  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870
    Patch
  • sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
  • debian.org http://www.debian.org/security/2004/dsa-548
    Patch, Vendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
    Patch, Vendor Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:089
  • redhat.com http://www.redhat.com/support/errata/RHSA-2004-465.html
    Patch, Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/11084
    Patch
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17182
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843

Remediation

  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870
    Patch
  • debian.org http://www.debian.org/security/2004/dsa-548
    Patch, Vendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2004-465.html
    Patch, Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/11084
    Patch