CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7947
https://notcve.org/view.php?id=CVE-2016-7947
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. Múltiples desbordamientos de entero en X.org libXrandr en versiones anteriores a 1.5.1 permiten a servidores remotos X desencadenar operaciones de escritura fuera de límites a través de una respuesta manipulada. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93365 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7948
https://notcve.org/view.php?id=CVE-2016-7948
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. X.org libXrandr en versiones anteriores a 1.5.1 permite a servidores remotos X desencadenar operaciones de escritura fuera de límites aprovechando el manejo incorrecto de datos de respuesta. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93373 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1986 – libXrandr: Multiple integer overflows leading to heap-based bufer overflows
https://notcve.org/view.php?id=CVE-2013-1986
Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions. Múltiples desbordamientos de enteros en X.org libXrandr v1.4.0 y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XRRQueryOutputProperty y (2) XRRQueryProviderProperty. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106857.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00156.html http://www.debian.org/security/2013/dsa-2684 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1862-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1986 https://bugzilla.redhat.com/show_bug.cgi?id=959059 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •