Summary
The remote host is missing an update to lesstif1-1 announced via advisory DSA 560-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20560-1
Insight
Chris Evans discovered several stack and integer overflows in the libXpm library which is included in LessTif.
For the stable distribution (woody) this problem has been fixed in version 0.93.18-5.
For the unstable distribution (sid) this problem has been fixed in version 0.93.94-10.
We recommend that you upgrade your lesstif packages.
Severity
Classification
-
CVE CVE-2004-0687, CVE-2004-0688 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities