Vulnerability Name:

CVE-2005-2495 (CCN-22244)

Assigned: 2005-09-08
Published: 2005-09-08
Updated: 2018-10-19
Summary: Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
CVSS v3 Severity: 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-189
Vulnerability Consequences: Gain Access
References: Source: SCO
Type: UNKNOWN
SCOSA-2006.22

Source: SGI
Type: UNKNOWN
20060403-01-U

Source: CCN
Type: BugTraq Mailing List, Mon Sep 12 2005 - 10:40:59 CDT
X.Org: Heap overflow in pixmap allocation

Source: MITRE
Type: CNA
CVE-2005-2495

Source: TRUSTIX
Type: UNKNOWN
2005-0049

Source: CCN
Type: RHSA-2005-329
XFree86 security update

Source: CCN
Type: RHSA-2005-396
xorg-x11 security update

Source: CCN
Type: RHSA-2005-501
XFree86 security update

Source: CCN
Type: SA16777
XFree86 Pixmap Creation Integer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
16777

Source: CCN
Type: SA16790
X11 Pixmap Creation Integer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
16790

Source: CCN
Type: SA17044
Sun Java Desktop System XFree86 Pixmap Creation Integer Overflow

Source: SECUNIA
Type: Vendor Advisory
17044

Source: SECUNIA
Type: Vendor Advisory
17215

Source: CCN
Type: SA17258
Avaya CMS Solaris X11 Pixmap Creation Integer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
17258

Source: CCN
Type: SA17278
Avaya Products XFree86 Pixmap Creation Integer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
17278

Source: CCN
Type: SA19624
SGI ProPack XFree86 Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
19624

Source: SECUNIA
Type: Vendor Advisory
19796

Source: SECUNIA
Type: Vendor Advisory
21318

Source: CCN
Type: SECTRACK ID: 1014887
XFree86 pixmap Integer Overflows May Let Local Users Gain Elevated Privileges

Source: SECTRACK
Type: UNKNOWN
1014887

Source: SUNALERT
Type: UNKNOWN
101926

Source: CCN
Type: Sun Alert ID: 101926
Security Vulnerability in the Xsun(1) and Xorg Servers

Source: SUNALERT
Type: UNKNOWN
101953

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2005-218.pdf

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2005-226.pdf

Source: CCN
Type: ASA-2006-093
UnixWare X Server Arbitrary Code Execution (SCOSA-2006.22)

Source: CCN
Type: X.Org Web site
The X.Org Foundation

Source: CCN
Type: CIAC INFORMATION BULLETIN P-304
XFree86 Security Update

Source: DEBIAN
Type: UNKNOWN
DSA-816

Source: DEBIAN
Type: DSA-816
xfree86 -- integer overflow

Source: CCN
Type: GLSA-200509-07
X.Org: Heap overflow in pixmap allocation

Source: GENTOO
Type: UNKNOWN
GLSA-200509-07

Source: CCN
Type: US-CERT VU#102441
Multiple X servers fail to properly allocate memory for large pixmaps

Source: CERT-VN
Type: US Government Resource
VU#102441

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:164

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:023

Source: SUSE
Type: UNKNOWN
SUSE-SA:2005:056

Source: OSVDB
Type: UNKNOWN
19352

Source: CCN
Type: OSVDB ID: 19352
X11 / XFree86 Pixmap Allocation Local Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2005:329

Source: REDHAT
Type: Vendor Advisory
RHSA-2005:396

Source: REDHAT
Type: Vendor Advisory
RHSA-2005:501

Source: FEDORA
Type: UNKNOWN
FEDORA-2005-893

Source: FEDORA
Type: UNKNOWN
FEDORA-2005-894

Source: FEDORA
Type: UNKNOWN
FLSA:168264-2

Source: HP
Type: UNKNOWN
HPSBUX02137

Source: BID
Type: UNKNOWN
14807

Source: CCN
Type: BID-14807
XFree86 Pixmap Allocation Local Privilege Escalation Vulnerability

Source: CCN
Type: USN-182-1
X server vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2006-3140

Source: CCN
Type: Bugzilla Bug 166859
CAN-2005-2495 multiple integer overflows

Source: XF
Type: UNKNOWN
xorg-pixmap-bo(22244)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1044

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9615

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:998

Source: SUSE
Type: SUSE-SA:2005:056
XFree86-server, xorg-x11-server: remote command execution

Source: SUSE
Type: SUSE-SR:2005:023
SUSE Security Summary Report

Source: UBUNTU
Type: UNKNOWN
USN-182-1

Vulnerable Configuration: Configuration 1:
  • cpe:/a:xfree86_project:xfree86:3.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:xfree86_project:xfree86:4.2.1:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    | Definition ID | Class | Title | Last Modified |
    | --- | --- | --- | --- |
    | oval:org.opensuse.security:def:20052495 | V | CVE-2005-2495 | 2015-11-16 |
    | oval:org.mitre.oval:def:9615 | V | Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. | 2013-04-29 |
    | oval:org.mitre.oval:def:1044 | V | Solaris Xsun Privilege Escalation via Pixmaps Vulnerability | 2006-05-03 |
    | oval:org.mitre.oval:def:998 | V | Solaris Xorg Privilege Escalation via Pixmaps Vulnerability | 2006-05-03 |
    | oval:org.debian:def:816 | V | integer overflow | 2005-09-19 |
    | oval:com.redhat.rhsa:def:20050501 | P | RHSA-2005:501: XFree86 security update (Important) | 2005-09-15 |
    | oval:com.redhat.rhsa:def:20050396 | P | RHSA-2005:396: xorg-x11 security update (Important) | 2005-09-13 |
    xfree86_project xfree86 3.3.6
    xfree86_project xfree86 4.0.0
    xfree86_project xfree86 4.0.1
    xfree86_project xfree86 4.0.2
    xfree86_project xfree86 4.0.3
    xfree86_project xfree86 4.1.0
    xfree86_project xfree86 4.2.0
    xfree86_project xfree86 4.2.1