CVE-2015-9262 – libXcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c
https://notcve.org/view.php?id=CVE-2015-9262
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
• https://access.redhat.com/errata/RHSA-2018:3059
• https://access.redhat.com/errata/RHSA-2018:3505
• https://bugs.freedesktop.org/show_bug.cgi?id=90857
• https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=897213f36baf6926daf6d192c709cf627aa5fd05
• https://lists.debian.org/debian-lts-announce/2018/08/msg00016.html
• https://usn.ubuntu.com/3729-1
• https://access.redhat.com/security/cve/CVE-2015-9262
• https://bugzilla.redhat.com/show_bug.cgi?id=1611599
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-122: Heap-based Buffer Overflow
CVE-2017-16612
https://notcve.org/view.php?id=CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.
• http://security.cucumberlinux.com/security/details.php?id=156
• http://www.openwall.com/lists/oss-security/2017/11/28/6
• http://www.ubuntu.com/usn/USN-3501-1
• https://bugzilla.suse.com/show_bug.cgi?id=1065386
• https://cgit.freedesktop.org/wayland/wayland/commit/?id=5d201df72f3d4f4cb8b8f75f980169b03507da38
• https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8
• https://lists.debian.org/debian-lts-announce/2017/12/msg00002.html
• https://lists.freedesktop.org/arc
• CWE-190: Integer Overflow or Wraparound
CVE-2013-2003 – libXcursor: Integer overflow leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2013-2003
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106791.html
• http://www.debian.org/security/2013/dsa-2681
• http://www.openwall.com/lists/oss-security/2013/05/23/3
• http://www.securityfocus.com/bid/60121
• http://www.ubuntu.com/usn/USN-1856-1
• http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
• https://access.redhat.com/security/cve/CVE-2013-2003
• https://bugzilla.redhat.com/show_bug.cgi?id=959077
• CWE-122: Heap-based Buffer Overflow
• CWE-189: Numeric Errors