CVE-2004-0783
EPSS 28.7%
Description
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
How to fix CVE-2004-0783
To remediate CVE-2004-0783, upgrade the affected package to a fixed version below.
- Debian/gtk+2.0: upgrade to 2.4.9-2 or later
Is CVE-2004-0783 being exploited?
Moderate: EPSS is 28.7%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (1)
- Debian/gtk+2.0: from 0, < 2.4.9-2