Summary
The remote host is missing an update to xfree86
announced via advisory DSA 561-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20561-1
Insight
Chris Evans discovered several stack and integer overflows in the libXpm library which is provided by X.Org, XFree86 and LessTif.
For the stable distribution (woody) this problem has been fixed in version 4.1.0-16woody4.
For the unstable distribution (sid) this problem has been fixed in version 4.3.0.dfsg.1-8.
We recommend that you upgrade your libxpm packages.
Severity
Classification
-
CVE CVE-2004-0687, CVE-2004-0688 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities