CVE-2005-0639

Description

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

How to fix CVE-2005-0639

To remediate CVE-2005-0639, upgrade the affected package to a fixed version below.

• Debian/xli—upgrade to 1.17.0-17 or later
• Debian/xloadimage—upgrade to 4.1-14.2 or later

Is CVE-2005-0639 being exploited?

Low — EPSS is 2.0%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 1.17.0-17
• from 0, < 4.1-14.2

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2005-0639