CVE-2013-2005
libXt: Memory corruption due to unchecked use of unchecked function pointers
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
X.org LibXt v1.1.3 y versiones anteriores no comprueba el valor devuelto por la función XGetWindowProperty, lo que permite a los servidores X el activar el uso de un puntero no inicializado y provocar una corrupción de memoria a través de vectores relacionados con las funciones (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, y (5) HandleSelectionReplies.
A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-02-19 CVE Reserved
- 2013-05-23 CVE Published
- 2024-07-09 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-456: Missing Initialization of a Variable
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | Mailing List |
|
| http://www.securityfocus.com/bid/60133 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | <= 1.1.3 Search vendor "X" for product "Libxt" and version " <= 1.1.3" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.3 Search vendor "X" for product "Libxt" and version "1.0.3" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.4 Search vendor "X" for product "Libxt" and version "1.0.4" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.5 Search vendor "X" for product "Libxt" and version "1.0.5" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.6 Search vendor "X" for product "Libxt" and version "1.0.6" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.7 Search vendor "X" for product "Libxt" and version "1.0.7" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.8 Search vendor "X" for product "Libxt" and version "1.0.8" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.0.9 Search vendor "X" for product "Libxt" and version "1.0.9" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.1.1 Search vendor "X" for product "Libxt" and version "1.1.1" | - |
Affected
| ||||||
| X Search vendor "X" | Libxt Search vendor "X" for product "Libxt" | 1.1.2 Search vendor "X" for product "Libxt" and version "1.1.2" | - |
Affected
| ||||||