CVSS: 6.8EPSS: 1%CPEs: 8EXPL: 0CVE-2013-2000 – libXxf86dga: Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-2000
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions. Múltiples desbordamientos de búfer en X.org libXxf86dga v1.1.3 y anteriores permiten que los servidores X para causar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de valores de índice o de longitud de las funciones (1) XDGAQueryModes y (2) XDGASetMode. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106870.html http://www.debian.org/security/2013/dsa-2690 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1869-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-2000 https://bugzilla.redhat.com/show_bug.cgi?id=960349 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-1991 – libXxf86dga: Multiple integer overflows leading to heap-based buffer overflows
https://notcve.org/view.php?id=CVE-2013-1991
Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions. Múltiples desbordamientos de enteros en X.org libXxf86dga v1.1.3 y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XDGAQueryModes y (2) XDGASetMode. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106870.html http://www.debian.org/security/2013/dsa-2690 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.ubuntu.com/usn/USN-1869-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1991 https://bugzilla.redhat.com/show_bug.cgi?id=959072 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •