
CVSS: 6.8 | EPSS: 0% | CPEs: 9 | EXPL: 0

X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.

A buffer overflow flaw was found in the way the XListInputDevices() function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client.

• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html
• http://www.debian.org/security/2013/dsa-2683
• http://www.openwall.com/lists/oss-security/2013/05/23/3
• http://www.securityfocus.com/bid/60124
• http://www.ubuntu.com/usn/USN-1859-1
• http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
• https://access.redhat.com/security/cve/CVE-2013-1995
• https://bugzilla.redhat.com/show&

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-122: Heap-based Buffer Overflow

CVSS: 6.8 | EPSS: 0% | CPEs: 8 | EXPL: 0

Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.

• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106791.html
• http://www.debian.org/security/2013/dsa-2681
• http://www.openwall.com/lists/oss-security/2013/05/23/3
• http://www.securityfocus.com/bid/60121
• http://www.ubuntu.com/usn/USN-1856-1
• http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
• https://access.redhat.com/security/cve/CVE-2013-2003
• https://bugzilla.redhat.com/show_bug.cgi?id=959077

• CWE-122: Heap-based Buffer Overflow
• CWE-189: Numeric Errors

CVSS: 6.8 | EPSS: 0% | CPEs: 10 | EXPL: 0

X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.

A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client.

• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html
• http://www.debian.org/security/2013/dsa-2680
• http://www.openwall.com/lists/oss-security/2013/05/23/3
• http://www.securityfocus.com/bid/60133
• http://www.ubuntu.com/usn/USN-1865-1
• http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
• https://access.redhat.com/security/cve/CVE-2013-2005
• https://bugzilla.redhat.com/show&

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-456: Missing Initialization of a Variable

CVSS: 6.8 | EPSS: 2% | CPEs: 10 | EXPL: 0

Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.

• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html
• http://www.debian.org/security/2013/dsa-2680
• http://www.openwall.com/lists/oss-security/2013/05/23/3
• http://www.securityfocus.com/bid/60137
• http://www.ubuntu.com/usn/USN-1865-1
• http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
• https://access.redhat.com/security/cve/CVE-2013-2002
• https://bugzilla.redhat.com/show&

• CWE-122: Heap-based Buffer Overflow
• CWE-189: Numeric Errors

CVSS: 6.8 | EPSS: 0% | CPEs: 3 | EXPL: 0

Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.

• http://www.debian.org/security/2013/dsa-2679
• http://www.openwall.com/lists/oss-security/2013/05/23/3
• http://www.ubuntu.com/usn/USN-1871-1
• http://www.x.org/wiki/Development/Security/Advisory-2013-05-23

• CWE-189: Numeric Errors