Vulnerability Description
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
CVSS Score
5.1
MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xfree86 Project | Xfree86 | 3.3.6 |
Related Weaknesses (CWE)
References
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.22/SCOSA-2006.22.txt
- ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U
- http://marc.info/?l=bugtraq&m=112690609622266&w=2
- http://secunia.com/advisories/16777Vendor Advisory
- http://secunia.com/advisories/16790Vendor Advisory
- http://secunia.com/advisories/17044Vendor Advisory
- http://secunia.com/advisories/17215Vendor Advisory
- http://secunia.com/advisories/17258Vendor Advisory
- http://secunia.com/advisories/17278Vendor Advisory
- http://secunia.com/advisories/19624Vendor Advisory
- http://secunia.com/advisories/19796Vendor Advisory
- http://secunia.com/advisories/21318Vendor Advisory
- http://securitytracker.com/id?1014887
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101926-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101953-1
FAQ
What is CVE-2005-2495?
CVE-2005-2495 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
How severe is CVE-2005-2495?
CVE-2005-2495 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2495?
Check the references section above for vendor advisories and patch information. Affected products include: Xfree86 Project Xfree86.