CRITICAL
X.org
CVE published 2017-02-01
CVE-2016-10164
CVE-2016-10164 is a critical libXpm flaw affecting versions before 3.5.12. When a program parses XPM extensions on a 64-bit platform, crafted input can trigger integer overflows in the number of extensions or their combined length, leading to a heap-based buffer overflow. The stated impact includes denial of service and potential arbitrary code execution.
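The arithmetic behind this bug class, as an added example that is not libXpm's own code: a 32-bit running total of extension lines wraps to a small value, so a heap buffer sized from it would be too small for the data, while the checked version rejects the input instead. The struct, function names and sample values are hypothetical and constructed for illustration, and a 32-bit `unsigned int` is assumed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical per-extension summary; not libXpm's own data structure. */
struct ext_summary {
    unsigned int nlines; /* lines in this extension */
    size_t bytes;        /* combined length of those lines */
};

/* Unchecked pattern: the 32-bit total wraps silently. */
static unsigned int total_lines_unchecked(const struct ext_summary *e, size_t n)
{
    unsigned int lines = 0;
    for (size_t i = 0; i < n; i++)
        lines += e[i].nlines + 1; /* +1 for the extension's name line */
    return lines;
}

/* Checked pattern: 0 on success, -1 if either total would exceed UINT_MAX. */
static int totals_checked(const struct ext_summary *e, size_t n,
                          unsigned int *lines_out, unsigned int *bytes_out)
{
    unsigned int lines = 0, bytes = 0;
    for (size_t i = 0; i < n; i++) {
        if (e[i].nlines >= UINT_MAX - lines) /* nlines + 1 must still fit */
            return -1;
        lines += e[i].nlines + 1;
        if (e[i].bytes > UINT_MAX - bytes)   /* combined length must fit too */
            return -1;
        bytes += (unsigned int)e[i].bytes;
    }
    *lines_out = lines; *bytes_out = bytes;
    return 0;
}

/* Constructed inputs: two oversized extensions, and one ordinary one. */
static const struct ext_summary crafted[2] = {
    { 0x7fffffffu, 0x80000000u }, { 0x7fffffffu, 0x80000000u } };
static const struct ext_summary benign[1] = { { 3, 42 } };

int main(void)
{
    unsigned int l = 0, b = 0;
    printf("unchecked total lines: %u\n", total_lines_unchecked(crafted, 2));
    printf("checked (crafted): %d\n", totals_checked(crafted, 2, &l, &b));
    printf("checked (benign): %d\n", totals_checked(benign, 1, &l, &b));
    return 0;
}
```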