CVE-2005-2495

NONE EPSS 89.1%
Published Sep 15, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.

Threat Intelligence

EPSS Exploit Probability
89.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-189

Affected Products 8

Vendor            Product    Version    Range
xfree86_project   xfree86    3.3.6      any
xfree86_project   xfree86    4.0.0      any
xfree86_project   xfree86    4.0.1      any
xfree86_project   xfree86    4.0.2      any
xfree86_project   xfree86    4.0.3      any
xfree86_project   xfree86    4.1.0      any
xfree86_project   xfree86    4.2.0      any
xfree86_project   xfree86    4.2.1      any

References 38

  • ftp.sco.com ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.22/SCOSA-2006.22.txt
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U
  • marc.info http://marc.info/?l=bugtraq&m=112690609622266&w=2
  • secunia.com http://secunia.com/advisories/16777
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/16790
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/17044
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/17215
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/17258
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/17278
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/19624
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/19796
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/21318
    Vendor Advisory
  • securitytracker.com http://securitytracker.com/id?1014887
  • sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-101926-1
  • sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-101953-1
  • support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf
  • support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf
  • debian.org http://www.debian.org/security/2005/dsa-816
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200509-07.xml
  • kb.cert.org http://www.kb.cert.org/vuls/id/102441
    US Government Resource
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:164
  • novell.com http://www.novell.com/linux/security/advisories/2005_23_sr.html
  • novell.com http://www.novell.com/linux/security/advisories/2005_56_xserver.html
  • osvdb.org http://www.osvdb.org/19352
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-329.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-396.html
    Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-501.html
    Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/advisories/9285
  • securityfocus.com http://www.securityfocus.com/advisories/9286
  • securityfocus.com http://www.securityfocus.com/archive/1/427045/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/archive/1/442163/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/bid/14807
  • vupen.com http://www.vupen.com/english/advisories/2006/3140
    Vendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/22244
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1044
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9615
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A998
  • ubuntu.com https://www.ubuntu.com/usn/usn-182-1/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.