CVE-2005-0605

NONE EPSS 90.4%
Published Mar 2, 2005 (21y ago) · Modified Jun 16, 2026 (2w ago)

Description

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

Threat Intelligence

EPSS Exploit Probability
90.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 82

Vendor | Product | Version | Range
lesstif | lesstif | 0.93.94 | any
sgi | propack | 3.0 | any
x.org | x11r6 | 6.7.0 | any
x.org | x11r6 | 6.8 | any
x.org | x11r6 | 6.8.1 | any
xfree86_project | x11r6 | 3.3 | any
xfree86_project | x11r6 | 3.3.2 | any
xfree86_project | x11r6 | 3.3.3 | any
xfree86_project | x11r6 | 3.3.4 | any
xfree86_project | x11r6 | 3.3.5 | any
xfree86_project | x11r6 | 3.3.6 | any
xfree86_project | x11r6 | 4.0 | any
xfree86_project | x11r6 | 4.0.1 | any
xfree86_project | x11r6 | 4.0.2.11 | any
xfree86_project | x11r6 | 4.0.3 | any
xfree86_project | x11r6 | 4.1.0 | any
xfree86_project | x11r6 | 4.1.11 | any
xfree86_project | x11r6 | 4.1.12 | any
xfree86_project | x11r6 | 4.2.0 | any
xfree86_project | x11r6 | 4.2.1 | any
xfree86_project | x11r6 | 4.2.1 | any
xfree86_project | x11r6 | 4.3.0 | any
xfree86_project | x11r6 | 4.3.0.1 | any
xfree86_project | x11r6 | 4.3.0.2 | any
altlinux | alt_linux | 2.3 | any
altlinux | alt_linux | 2.3 | any
mandrakesoft | mandrake_linux | 10.0 | any
mandrakesoft | mandrake_linux | 10.0 | any
mandrakesoft | mandrake_linux | 10.1 | any
mandrakesoft | mandrake_linux | 10.1 | any
mandrakesoft | mandrake_linux | 10.2 | any
mandrakesoft | mandrake_linux | 10.2 | any
mandrakesoft | mandrake_linux_corporate_server | 2.1 | any
mandrakesoft | mandrake_linux_corporate_server | 2.1 | any
mandrakesoft | mandrake_linux_corporate_server | 3.0 | any
mandrakesoft | mandrake_linux_corporate_server | 3.0 | any
redhat | enterprise_linux | 3.0 | any
redhat | enterprise_linux | 3.0 | any
redhat | enterprise_linux | 3.0 | any
redhat | enterprise_linux | 4.0 | any
redhat | enterprise_linux | 4.0 | any
redhat | enterprise_linux | 4.0 | any
redhat | enterprise_linux_desktop | 3.0 | any
redhat | enterprise_linux_desktop | 4.0 | any
redhat | fedora_core | core_2.0 | any
redhat | fedora_core | core_3.0 | any
suse | suse_linux | 6.1 | any
suse | suse_linux | 6.1 | any
suse | suse_linux | 6.2 | any
suse | suse_linux | 6.3 | any
suse | suse_linux | 6.3 | any
suse | suse_linux | 6.3 | any
suse | suse_linux | 6.4 | any
suse | suse_linux | 6.4 | any
suse | suse_linux | 6.4 | any
suse | suse_linux | 6.4 | any
suse | suse_linux | 7.0 | any
suse | suse_linux | 7.0 | any
suse | suse_linux | 7.0 | any
suse | suse_linux | 7.0 | any
suse | suse_linux | 7.0 | any
suse | suse_linux | 7.1 | any
suse | suse_linux | 7.1 | any
suse | suse_linux | 7.1 | any
suse | suse_linux | 7.1 | any
suse | suse_linux | 7.1 | any
suse | suse_linux | 7.2 | any
suse | suse_linux | 7.2 | any
suse | suse_linux | 7.3 | any
suse | suse_linux | 7.3 | any
suse | suse_linux | 7.3 | any
suse | suse_linux | 7.3 | any
suse | suse_linux | 8.0 | any
suse | suse_linux | 8.0 | any
suse | suse_linux | 8.1 | any
suse | suse_linux | 8.2 | any
suse | suse_linux | 9.0 | any
suse | suse_linux | 9.0 | any
suse | suse_linux | 9.1 | any
suse | suse_linux | 9.1 | any
suse | suse_linux | 9.2 | any
suse | suse_linux | 9.2 | any

References 27

  • ftp.sco.com ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt
  • ftp.sco.com ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U
  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=83598
    Patch, Vendor Advisory
  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=83655
    Patch, Vendor Advisory
  • lists.apple.com http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
  • lists.apple.com http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
  • secunia.com http://secunia.com/advisories/14460
  • secunia.com http://secunia.com/advisories/18049
  • secunia.com http://secunia.com/advisories/18316
  • secunia.com http://secunia.com/advisories/19624
  • security.gentoo.org http://security.gentoo.org/glsa/glsa-200503-08.xml
    Patch, Vendor Advisory
  • securitytracker.com http://securitytracker.com/id?1013339
    Patch, Vendor Advisory
  • debian.org http://www.debian.org/security/2005/dsa-723
    Patch, Vendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-044.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-198.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-331.html
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-412.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-473.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2008-0261.html
  • securityfocus.com http://www.securityfocus.com/bid/12714
    Patch, Vendor Advisory
  • bugs.freedesktop.org https://bugs.freedesktop.org/attachment.cgi?id=1909
    Vendor Advisory
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411
  • usn.ubuntu.com https://usn.ubuntu.com/92-1/
  • usn.ubuntu.com https://usn.ubuntu.com/97-1/

Remediation

  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=83598
    Patch, Vendor Advisory
  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=83655
    Patch, Vendor Advisory
  • security.gentoo.org http://security.gentoo.org/glsa/glsa-200503-08.xml
    Patch, Vendor Advisory
  • securitytracker.com http://securitytracker.com/id?1013339
    Patch, Vendor Advisory
  • debian.org http://www.debian.org/security/2005/dsa-723
    Patch, Vendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-331.html
    Patch, Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/12714
    Patch, Vendor Advisory