SUSE-SA:2004:041: xshared, XFree86-libs, xorg-x11-libs

This script is Copyright (C) 2004-2010 Tenable Network Security, Inc.

Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2004:041 (xshared, XFree86-libs, xorg-x11-libs).

The XPM library which is part of the XFree86/XOrg project is used by
several GUI applications to process XPM image files.
A source code review done by Thomas Biege of the SuSE Security-Team
revealed several different kinds of bugs.
The bug types are:
- integer overflows
- out-of-bounds memory access
- shell command execution
- path traversal
- endless loops
By providing a special image these bugs can be exploited by remote and/or
local attackers to gain access to the system or to escalate their local

Solution :

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: SuSE Local Security Checks

Nessus Plugin ID: 15755 ()

Bugtraq ID: 11694

CVE ID: CVE-2004-0914

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now