CVE-2005-2495
NONE EPSS 89.1%
Published Sep 15, 200520y ago ยท Modified Jun 16, 20262w ago
Published Sep 15, 2005 20y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
Threat Intelligence
EPSS Exploit Probability
89.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-189
Affected Products 8
| Vendor | Product | Version | Range |
|---|---|---|---|
| xfree86_project | xfree86 | 3.3.6 | any |
| xfree86_project | xfree86 | 4.0.0 | any |
| xfree86_project | xfree86 | 4.0.1 | any |
| xfree86_project | xfree86 | 4.0.2 | any |
| xfree86_project | xfree86 | 4.0.3 | any |
| xfree86_project | xfree86 | 4.1.0 | any |
| xfree86_project | xfree86 | 4.2.0 | any |
| xfree86_project | xfree86 | 4.2.1 | any |
References 38
- ftp.sco.com ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.22/SCOSA-2006.22.txt
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U
- marc.info http://marc.info/?l=bugtraq&m=112690609622266&w=2
- secunia.com http://secunia.com/advisories/16777
- secunia.com http://secunia.com/advisories/16790
- secunia.com http://secunia.com/advisories/17044
- secunia.com http://secunia.com/advisories/17215
- secunia.com http://secunia.com/advisories/17258
- secunia.com http://secunia.com/advisories/17278
- secunia.com http://secunia.com/advisories/19624
- secunia.com http://secunia.com/advisories/19796
- secunia.com http://secunia.com/advisories/21318
- securitytracker.com http://securitytracker.com/id?1014887
- sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-101926-1
- sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-101953-1
- support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf
- support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf
- debian.org http://www.debian.org/security/2005/dsa-816
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200509-07.xml
- kb.cert.org http://www.kb.cert.org/vuls/id/102441
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:164
- novell.com http://www.novell.com/linux/security/advisories/2005_23_sr.html
- novell.com http://www.novell.com/linux/security/advisories/2005_56_xserver.html
- osvdb.org http://www.osvdb.org/19352
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-329.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-396.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-501.html
- securityfocus.com http://www.securityfocus.com/advisories/9285
- securityfocus.com http://www.securityfocus.com/advisories/9286
- securityfocus.com http://www.securityfocus.com/archive/1/427045/100/0/threaded
- securityfocus.com http://www.securityfocus.com/archive/1/442163/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/14807
- vupen.com http://www.vupen.com/english/advisories/2006/3140
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/22244
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1044
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9615
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A998
- ubuntu.com https://www.ubuntu.com/usn/usn-182-1/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.