CVSS: 6.8EPSS: 1%CPEs: 6EXPL: 0CVE-2013-1999 – libXvMC: Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-1999
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function. Un desbordamiento de búfer en X.org libXvMC v1.0.7 y anteriores permite a los servidores X causar una denegación de servicio (por caída del servidor) y posiblemente ejecutar código de su elección a través de valores de índice o de longitud debidamente modificados en la función XvMCGetDRInfo. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106766.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00153.html http://www.debian.org/security/2013/dsa-2675 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1868-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1999 https://bugzilla.redhat.com/show_bug.cgi?id=960347 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-1983 – libXfixes: Integer overflow leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2013-1983
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function. Un desbordamiento de entero en X.org libXfixes v5.0 y anteriores permite a los servidores X provocar una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con la función XFixesGetCursorImage. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106794.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00144.html http://www.debian.org/security/2013/dsa-2676 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1858-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1983 https://bugzilla.redhat.com/show_bug.cgi?id=959048 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-2063 – libXtst: Integer overflow leading to heap-based buffer overlow
https://notcve.org/view.php?id=CVE-2013-2063
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function. Desbordamiento de entero en X.org libXtst v1.2.1 y anteriores permite a los servidores X provocar una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con la función XRecordGetContext. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106886.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00160.html http://www.debian.org/security/2013/dsa-2689 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1866-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-2063 https://bugzilla.redhat.com/show_bug.cgi?id=960366 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1988 – libXRes: Multiple integer overflows leading to heap-based bufer overflows
https://notcve.org/view.php?id=CVE-2013-1988
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions. Múltiples desbordamientos de enteros en X.org libXRes v1.0.6 y anteriores permiten a los servidores X provocar una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XResQueryClients y (2) XResQueryClientResources. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106880.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00155.html http://www.debian.org/security/2013/dsa-2688 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1864-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1988 https://bugzilla.redhat.com/show_bug.cgi?id=959066 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2013-1996
https://notcve.org/view.php?id=CVE-2013-1996
X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function. X.org LibFS v1.0.4 y anteriores permite a los servidores X activar la asignación de memoria insuficiente y provocar un desbordamiento de búfer a través de vectores relacionados con una extensión de signo inesperada en la función FSOpenServer. • http://www.debian.org/security/2013/dsa-2687 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.securityfocus.com/bid/60130 http://www.ubuntu.com/usn/USN-1853-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •