Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for libxi by x.org

    CVE-2016-7946 (GCVE-0-2016-7946)

    Vulnerability from nvd – Published: 2016-12-13 20:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-10-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.322Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2016-8b122b0997",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
              },
              {
                "name": "1036945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1036945"
              },
              {
                "name": "GLSA-201704-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201704-03"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
              },
              {
                "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
              },
              {
                "name": "FEDORA-2016-cabb6d7ef7",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
              },
              {
                "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
              },
              {
                "name": "93374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/93374"
              },
              {
                "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:16:02.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "FEDORA-2016-8b122b0997",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
            },
            {
              "name": "1036945",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1036945"
            },
            {
              "name": "GLSA-201704-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201704-03"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
            },
            {
              "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
            },
            {
              "name": "FEDORA-2016-cabb6d7ef7",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
            },
            {
              "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
            },
            {
              "name": "93374",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/93374"
            },
            {
              "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2016-7946",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2016-8b122b0997",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
                },
                {
                  "name": "1036945",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1036945"
                },
                {
                  "name": "GLSA-201704-03",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201704-03"
                },
                {
                  "name": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5",
                  "refsource": "CONFIRM",
                  "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
                },
                {
                  "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
                },
                {
                  "name": "FEDORA-2016-cabb6d7ef7",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
                },
                {
                  "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
                },
                {
                  "name": "93374",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/93374"
                },
                {
                  "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-7946",
        "datePublished": "2016-12-13T20:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.322Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7945 (GCVE-0-2016-7945)

    Vulnerability from nvd – Published: 2016-12-13 20:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-10-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.529Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2016-8b122b0997",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
              },
              {
                "name": "1036945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1036945"
              },
              {
                "name": "GLSA-201704-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201704-03"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
              },
              {
                "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
              },
              {
                "name": "FEDORA-2016-cabb6d7ef7",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
              },
              {
                "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
              },
              {
                "name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
              },
              {
                "name": "93364",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/93364"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:57.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "FEDORA-2016-8b122b0997",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
            },
            {
              "name": "1036945",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1036945"
            },
            {
              "name": "GLSA-201704-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201704-03"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
            },
            {
              "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
            },
            {
              "name": "FEDORA-2016-cabb6d7ef7",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
            },
            {
              "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
            },
            {
              "name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
            },
            {
              "name": "93364",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/93364"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@suse.com",
              "ID": "CVE-2016-7945",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2016-8b122b0997",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
                },
                {
                  "name": "1036945",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1036945"
                },
                {
                  "name": "GLSA-201704-03",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201704-03"
                },
                {
                  "name": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5",
                  "refsource": "CONFIRM",
                  "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
                },
                {
                  "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
                },
                {
                  "name": "FEDORA-2016-cabb6d7ef7",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
                },
                {
                  "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
                },
                {
                  "name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
                },
                {
                  "name": "93364",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/93364"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-7945",
        "datePublished": "2016-12-13T20:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.529Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1998 (GCVE-0-2013-1998)

    Vulnerability from nvd – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
    VLAI
    Summary
    Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-1859-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/bid/60127 vdb-entryx_refsource_BID
    http://www.openwall.com/lists/oss-security/2013/05/23/3 mailing-listx_refsource_MLIST
    http://www.x.org/wiki/Development/Security/Adviso… x_refsource_CONFIRM
    http://www.debian.org/security/2013/dsa-2683 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:20:37.377Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-1859-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1859-1"
              },
              {
                "name": "FEDORA-2013-9046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
              },
              {
                "name": "openSUSE-SU-2013:1033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
              },
              {
                "name": "60127",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/60127"
              },
              {
                "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
              },
              {
                "name": "DSA-2683",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-20T09:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "USN-1859-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1859-1"
            },
            {
              "name": "FEDORA-2013-9046",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
            },
            {
              "name": "openSUSE-SU-2013:1033",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
            },
            {
              "name": "60127",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/60127"
            },
            {
              "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
            },
            {
              "name": "DSA-2683",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2013-1998",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-1859-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1859-1"
                },
                {
                  "name": "FEDORA-2013-9046",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
                },
                {
                  "name": "openSUSE-SU-2013:1033",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
                },
                {
                  "name": "60127",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/60127"
                },
                {
                  "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
                },
                {
                  "name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
                  "refsource": "CONFIRM",
                  "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
                },
                {
                  "name": "DSA-2683",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2013/dsa-2683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-1998",
        "datePublished": "2013-06-15T20:00:00.000Z",
        "dateReserved": "2013-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:20:37.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1995 (GCVE-0-2013-1995)

    Vulnerability from nvd – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
    VLAI
    Summary
    X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-1859-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://www.openwall.com/lists/oss-security/2013/05/23/3 mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/60124 vdb-entryx_refsource_BID
    http://www.x.org/wiki/Development/Security/Adviso… x_refsource_CONFIRM
    http://www.debian.org/security/2013/dsa-2683 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:20:37.439Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-1859-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1859-1"
              },
              {
                "name": "FEDORA-2013-9046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
              },
              {
                "name": "openSUSE-SU-2013:1033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
              },
              {
                "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
              },
              {
                "name": "60124",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/60124"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
              },
              {
                "name": "DSA-2683",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-20T09:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "USN-1859-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1859-1"
            },
            {
              "name": "FEDORA-2013-9046",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
            },
            {
              "name": "openSUSE-SU-2013:1033",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
            },
            {
              "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
            },
            {
              "name": "60124",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/60124"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
            },
            {
              "name": "DSA-2683",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2013-1995",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-1859-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1859-1"
                },
                {
                  "name": "FEDORA-2013-9046",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
                },
                {
                  "name": "openSUSE-SU-2013:1033",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
                },
                {
                  "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
                },
                {
                  "name": "60124",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/60124"
                },
                {
                  "name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
                  "refsource": "CONFIRM",
                  "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
                },
                {
                  "name": "DSA-2683",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2013/dsa-2683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-1995",
        "datePublished": "2013-06-15T20:00:00.000Z",
        "dateReserved": "2013-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:20:37.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1984 (GCVE-0-2013-1984)

    Vulnerability from nvd – Published: 2013-06-15 19:00 – Updated: 2024-08-06 15:20
    VLAI
    Summary
    Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-1859-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://www.openwall.com/lists/oss-security/2013/05/23/3 mailing-listx_refsource_MLIST
    http://www.x.org/wiki/Development/Security/Adviso… x_refsource_CONFIRM
    http://www.debian.org/security/2013/dsa-2683 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:20:37.417Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-1859-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1859-1"
              },
              {
                "name": "FEDORA-2013-9046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
              },
              {
                "name": "openSUSE-SU-2013:1033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
              },
              {
                "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
              },
              {
                "name": "DSA-2683",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-01T17:26:34.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "USN-1859-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1859-1"
            },
            {
              "name": "FEDORA-2013-9046",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
            },
            {
              "name": "openSUSE-SU-2013:1033",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
            },
            {
              "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
            },
            {
              "name": "DSA-2683",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2013-1984",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-1859-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1859-1"
                },
                {
                  "name": "FEDORA-2013-9046",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
                },
                {
                  "name": "openSUSE-SU-2013:1033",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
                },
                {
                  "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
                },
                {
                  "name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
                  "refsource": "CONFIRM",
                  "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
                },
                {
                  "name": "DSA-2683",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2013/dsa-2683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-1984",
        "datePublished": "2013-06-15T19:00:00.000Z",
        "dateReserved": "2013-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:20:37.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7945 (GCVE-0-2016-7945)

    Vulnerability from cvelistv5 – Published: 2016-12-13 20:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-10-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.529Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2016-8b122b0997",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
              },
              {
                "name": "1036945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1036945"
              },
              {
                "name": "GLSA-201704-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201704-03"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
              },
              {
                "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
              },
              {
                "name": "FEDORA-2016-cabb6d7ef7",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
              },
              {
                "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
              },
              {
                "name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
              },
              {
                "name": "93364",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/93364"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:57.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "FEDORA-2016-8b122b0997",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
            },
            {
              "name": "1036945",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1036945"
            },
            {
              "name": "GLSA-201704-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201704-03"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
            },
            {
              "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
            },
            {
              "name": "FEDORA-2016-cabb6d7ef7",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
            },
            {
              "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
            },
            {
              "name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
            },
            {
              "name": "93364",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/93364"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@suse.com",
              "ID": "CVE-2016-7945",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2016-8b122b0997",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
                },
                {
                  "name": "1036945",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1036945"
                },
                {
                  "name": "GLSA-201704-03",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201704-03"
                },
                {
                  "name": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5",
                  "refsource": "CONFIRM",
                  "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
                },
                {
                  "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
                },
                {
                  "name": "FEDORA-2016-cabb6d7ef7",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
                },
                {
                  "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
                },
                {
                  "name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
                },
                {
                  "name": "93364",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/93364"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-7945",
        "datePublished": "2016-12-13T20:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.529Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7946 (GCVE-0-2016-7946)

    Vulnerability from cvelistv5 – Published: 2016-12-13 20:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-10-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.322Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2016-8b122b0997",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
              },
              {
                "name": "1036945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1036945"
              },
              {
                "name": "GLSA-201704-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201704-03"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
              },
              {
                "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
              },
              {
                "name": "FEDORA-2016-cabb6d7ef7",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
              },
              {
                "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
              },
              {
                "name": "93374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/93374"
              },
              {
                "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:16:02.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "FEDORA-2016-8b122b0997",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
            },
            {
              "name": "1036945",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1036945"
            },
            {
              "name": "GLSA-201704-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201704-03"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
            },
            {
              "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
            },
            {
              "name": "FEDORA-2016-cabb6d7ef7",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
            },
            {
              "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
            },
            {
              "name": "93374",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/93374"
            },
            {
              "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2016-7946",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2016-8b122b0997",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
                },
                {
                  "name": "1036945",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1036945"
                },
                {
                  "name": "GLSA-201704-03",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201704-03"
                },
                {
                  "name": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5",
                  "refsource": "CONFIRM",
                  "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
                },
                {
                  "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
                },
                {
                  "name": "FEDORA-2016-cabb6d7ef7",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
                },
                {
                  "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
                },
                {
                  "name": "93374",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/93374"
                },
                {
                  "name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-7946",
        "datePublished": "2016-12-13T20:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.322Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1995 (GCVE-0-2013-1995)

    Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
    VLAI
    Summary
    X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-1859-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://www.openwall.com/lists/oss-security/2013/05/23/3 mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/60124 vdb-entryx_refsource_BID
    http://www.x.org/wiki/Development/Security/Adviso… x_refsource_CONFIRM
    http://www.debian.org/security/2013/dsa-2683 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:20:37.439Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-1859-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1859-1"
              },
              {
                "name": "FEDORA-2013-9046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
              },
              {
                "name": "openSUSE-SU-2013:1033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
              },
              {
                "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
              },
              {
                "name": "60124",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/60124"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
              },
              {
                "name": "DSA-2683",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-20T09:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "USN-1859-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1859-1"
            },
            {
              "name": "FEDORA-2013-9046",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
            },
            {
              "name": "openSUSE-SU-2013:1033",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
            },
            {
              "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
            },
            {
              "name": "60124",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/60124"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
            },
            {
              "name": "DSA-2683",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2013-1995",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-1859-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1859-1"
                },
                {
                  "name": "FEDORA-2013-9046",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
                },
                {
                  "name": "openSUSE-SU-2013:1033",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
                },
                {
                  "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
                },
                {
                  "name": "60124",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/60124"
                },
                {
                  "name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
                  "refsource": "CONFIRM",
                  "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
                },
                {
                  "name": "DSA-2683",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2013/dsa-2683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-1995",
        "datePublished": "2013-06-15T20:00:00.000Z",
        "dateReserved": "2013-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:20:37.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1998 (GCVE-0-2013-1998)

    Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
    VLAI
    Summary
    Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-1859-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/bid/60127 vdb-entryx_refsource_BID
    http://www.openwall.com/lists/oss-security/2013/05/23/3 mailing-listx_refsource_MLIST
    http://www.x.org/wiki/Development/Security/Adviso… x_refsource_CONFIRM
    http://www.debian.org/security/2013/dsa-2683 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:20:37.377Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-1859-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1859-1"
              },
              {
                "name": "FEDORA-2013-9046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
              },
              {
                "name": "openSUSE-SU-2013:1033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
              },
              {
                "name": "60127",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/60127"
              },
              {
                "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
              },
              {
                "name": "DSA-2683",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-04-20T09:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "USN-1859-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1859-1"
            },
            {
              "name": "FEDORA-2013-9046",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
            },
            {
              "name": "openSUSE-SU-2013:1033",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
            },
            {
              "name": "60127",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/60127"
            },
            {
              "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
            },
            {
              "name": "DSA-2683",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2013-1998",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-1859-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1859-1"
                },
                {
                  "name": "FEDORA-2013-9046",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
                },
                {
                  "name": "openSUSE-SU-2013:1033",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
                },
                {
                  "name": "60127",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/60127"
                },
                {
                  "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
                },
                {
                  "name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
                  "refsource": "CONFIRM",
                  "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
                },
                {
                  "name": "DSA-2683",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2013/dsa-2683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-1998",
        "datePublished": "2013-06-15T20:00:00.000Z",
        "dateReserved": "2013-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:20:37.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-1984 (GCVE-0-2013-1984)

    Vulnerability from cvelistv5 – Published: 2013-06-15 19:00 – Updated: 2024-08-06 15:20
    VLAI
    Summary
    Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-1859-1 vendor-advisoryx_refsource_UBUNTU
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-updates/2013-0… vendor-advisoryx_refsource_SUSE
    http://www.openwall.com/lists/oss-security/2013/05/23/3 mailing-listx_refsource_MLIST
    http://www.x.org/wiki/Development/Security/Adviso… x_refsource_CONFIRM
    http://www.debian.org/security/2013/dsa-2683 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2013-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:20:37.417Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-1859-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1859-1"
              },
              {
                "name": "FEDORA-2013-9046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
              },
              {
                "name": "openSUSE-SU-2013:1033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
              },
              {
                "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
              },
              {
                "name": "DSA-2683",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2013/dsa-2683"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-01T17:26:34.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "USN-1859-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1859-1"
            },
            {
              "name": "FEDORA-2013-9046",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
            },
            {
              "name": "openSUSE-SU-2013:1033",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
            },
            {
              "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
            },
            {
              "name": "DSA-2683",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2683"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2013-1984",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-1859-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1859-1"
                },
                {
                  "name": "FEDORA-2013-9046",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html"
                },
                {
                  "name": "openSUSE-SU-2013:1033",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html"
                },
                {
                  "name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues  in X Window System client libraries",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
                },
                {
                  "name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
                  "refsource": "CONFIRM",
                  "url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
                },
                {
                  "name": "DSA-2683",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2013/dsa-2683"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-1984",
        "datePublished": "2013-06-15T19:00:00.000Z",
        "dateReserved": "2013-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:20:37.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }