A highly critical security hole has been reported in the X Pixmap (libXpm) technology shipped with Solaris and JDS for Linux, which could allow someone to run code on your system if a modified X Pixmmap (.xpm) image is loaded.
The problem affects any machine running the X-Windows system, including most Linux distributions and most commercial Unix implantations including IBM AIX, the Solaris Common Desktop Environment (CDE), Java Desktop Service for Linux and Sun Java Desktop.
Platforms affected by the hole are SPARC Solaris 7, 8 and 9, x86 Solaris 7, 8 and 9 and Linux Sun Java Desktop System (JDS) 2003 without the updated Redhat Package Manager (RPMs) and JDS Release 2 without updated RPMs.
Last month, a hole found in how various OSes read common jpeg image files, lead to a flurry of activity as virus makers sought to make the most of it and anti-virus experts tried to prevent a huge infection.
The Xpm problem can result in a stack-based overflow in xpmParseColors, ParsePixels and ParseAndPutPixels -- CAN-2004-0687 - demo of which is here, and CAN-2004-0687, found here.
As well as this, an integer overflow can be experienced when allocating colorTable in xpmParseColors -- CAN-2004-0688, which can cause a crash.
Sun Microsystems is still building a patch to the problem, first detected on Friday, and advice to users is to avoid loading X PixMap (.xmp) images from untrusted sources in the meantime. For more info, go to www.cve.mitre.org.