Bug 174814

Summary: CVE-2005-3964 openmotif libUil buffer overflows
Product: Red Hat Enterprise Linux 4 Reporter: Josh Bressers <bressers>
Component: openmotifAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=moderate,public=20051202,reported=20051202,source=fulldisclosure
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-04-25 12:40:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 180357, 180358, 180359, 430519    
Attachments:
Description Flags
CVE-2005-3964 libUil patch none

Description Josh Bressers 2005-12-02 14:37:33 UTC 
openmotif libUil buffer overflows

http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2

xfocus have discovered two buffer overflow flaws in openmotif's libUil
library.  This overflow is going to depend on how a motif application
is passing data into the UIL library.


This issue also affects RHEL3
This issue also affects RHEL2.1
Comment 2 Thomas Woerner 2006-02-02 17:39:09 UTC 
Created attachment 124061 [details]
CVE-2005-3964 libUil patch
Comment 6 Thomas Woerner 2006-04-25 12:40:50 UTC 
Fixed in RHSA-2006-0272.