http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200410-062

libXpm是一款对XPM进行解码的库系统。libXpm多处不正确检查边界缓冲区长度，远程攻击者可以利用这个漏洞可能以用户进程权限执行任意指令。问题一是xpmParseColors(parse.c)中的堆栈缓冲区溢出：XPMv1和XPMv2/3解析代码中不安全使用strcat()，可导致缓冲区溢出。第二个问题是xpmParseColors(parse.c)中分配colorTable存在整数溢出问题，问题存在于如下：colorTable=(XpmColor*)XpmCalloc(ncolors，sizeof(XpmColor));ncolors可来自不可信的XPM文件。第三个问题是ParseAndPutPixels(create.c)读取象素时存在堆栈缓冲区溢出。构建恶意的XPM文件，诱使用户访问可导致以用户进程权限执行任意指令。

resource:
hyperlink:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio;=000924
resource:
hyperlink:http://ftp.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch
resource:
hyperlink:http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
resource:
hyperlink:http://marc.info/?l=bugtraq&m;=109530851323415&w;=2
resource:
hyperlink:http://scary.beasts.org/security/CESA-2004-003.txt
resource:
hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1
resource:
hyperlink:http://www.debian.org/security/2004/dsa-560
resource:
hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
resource:
hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml
resource:US Government Resource
hyperlink:http://www.kb.cert.org/vuls/id/537878
resource:
hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2004:098
resource:
hyperlink:http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html
resource:
hype