Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2013-AVI-362
Vulnerability from certfr_avis - Published: 2013-06-19 - Updated: 2013-06-19
De multiples vulnérabilités ont été corrigées dans Oracle Solaris. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Versions antérieures à Solaris 11.1.8.4.0
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 Solaris 11.1.8.4.0\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1989"
},
{
"name": "CVE-2011-1529",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1529"
},
{
"name": "CVE-2013-1985",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1985"
},
{
"name": "CVE-2013-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2001"
},
{
"name": "CVE-2013-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2003"
},
{
"name": "CVE-2013-1983",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1983"
},
{
"name": "CVE-2013-1987",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1987"
},
{
"name": "CVE-2013-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2004"
},
{
"name": "CVE-2013-1982",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1982"
},
{
"name": "CVE-2013-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1998"
},
{
"name": "CVE-2013-1997",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1997"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2013-1992",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1992"
},
{
"name": "CVE-2013-1988",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1988"
},
{
"name": "CVE-2013-1993",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1993"
},
{
"name": "CVE-2013-0189",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0189"
},
{
"name": "CVE-2013-1984",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1984"
},
{
"name": "CVE-2013-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2002"
},
{
"name": "CVE-2013-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1981"
},
{
"name": "CVE-2013-1999",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1999"
},
{
"name": "CVE-2012-5643",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5643"
},
{
"name": "CVE-2013-1996",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1996"
},
{
"name": "CVE-2013-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1990"
},
{
"name": "CVE-2013-2066",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2066"
},
{
"name": "CVE-2013-2062",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2062"
},
{
"name": "CVE-2013-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2005"
},
{
"name": "CVE-2013-2063",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2063"
},
{
"name": "CVE-2013-1986",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1986"
},
{
"name": "CVE-2013-2000",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2000"
},
{
"name": "CVE-2011-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1528"
},
{
"name": "CVE-2013-1995",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1995"
}
],
"initial_release_date": "2013-06-19T00:00:00",
"last_revision_date": "2013-06-19T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 18 juin 2013",
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 18 juin 2013",
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_squid"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 18 juin 2013",
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 18 juin 2013",
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in"
}
],
"reference": "CERTA-2013-AVI-362",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Solaris\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Solaris",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Oracle du 18 juin 2013",
"url": null
}
]
}
CVE-2013-1999 (GCVE-0-2013-1999)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-1868-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2013/dsa-2675 | vendor-advisoryx_refsource_DEBIAN |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2013:1025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00153.html"
},
{
"name": "USN-1868-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1868-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2675",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2675"
},
{
"name": "FEDORA-2013-9099",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106766.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-21T00:27:52.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2013:1025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00153.html"
},
{
"name": "USN-1868-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1868-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2675",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2675"
},
{
"name": "FEDORA-2013-9099",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106766.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00153.html"
},
{
"name": "USN-1868-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1868-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2675",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2675"
},
{
"name": "FEDORA-2013-9099",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106766.html"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1999",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2000 (GCVE-0-2013-2000)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.debian.org/security/2013/dsa-2690 | vendor-advisoryx_refsource_DEBIAN |
| http://www.ubuntu.com/usn/USN-1869-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2690",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2690"
},
{
"name": "USN-1869-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1869-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "FEDORA-2013-9085",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106870.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-21T00:27:52.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-2690",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2690"
},
{
"name": "USN-1869-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1869-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "FEDORA-2013-9085",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106870.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2690",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2690"
},
{
"name": "USN-1869-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1869-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "FEDORA-2013-9085",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106870.html"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2000",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2001 (GCVE-0-2013-2001)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-1870-1 | vendor-advisoryx_refsource_UBUNTU |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.debian.org/security/2013/dsa-2692 | vendor-advisoryx_refsource_DEBIAN |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1870-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1870-1"
},
{
"name": "FEDORA-2013-9053",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106872.html"
},
{
"name": "DSA-2692",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2692"
},
{
"name": "openSUSE-SU-2013:1041",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00165.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-21T00:27:52.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1870-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1870-1"
},
{
"name": "FEDORA-2013-9053",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106872.html"
},
{
"name": "DSA-2692",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2692"
},
{
"name": "openSUSE-SU-2013:1041",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00165.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-1870-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1870-1"
},
{
"name": "FEDORA-2013-9053",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106872.html"
},
{
"name": "DSA-2692",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2692"
},
{
"name": "openSUSE-SU-2013:1041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00165.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2001",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2002 (GCVE-0-2013-2002)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.ubuntu.com/usn/USN-1865-1 | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.debian.org/security/2013/dsa-2680 | vendor-advisoryx_refsource_DEBIAN |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/60137 | vdb-entryx_refsource_BID |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2013-9098",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html"
},
{
"name": "USN-1865-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1865-1"
},
{
"name": "openSUSE-SU-2013:1008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html"
},
{
"name": "DSA-2680",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2680"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "60137",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-20T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2013-9098",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html"
},
{
"name": "USN-1865-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1865-1"
},
{
"name": "openSUSE-SU-2013:1008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html"
},
{
"name": "DSA-2680",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2680"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "60137",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-9098",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html"
},
{
"name": "USN-1865-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1865-1"
},
{
"name": "openSUSE-SU-2013:1008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html"
},
{
"name": "DSA-2680",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2680"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "60137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60137"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2002",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2003 (GCVE-0-2013-2003)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/60121 | vdb-entryx_refsource_BID |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.debian.org/security/2013/dsa-2681 | vendor-advisoryx_refsource_DEBIAN |
| http://www.ubuntu.com/usn/USN-1856-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60121"
},
{
"name": "FEDORA-2013-9096",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106791.html"
},
{
"name": "DSA-2681",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2681"
},
{
"name": "USN-1856-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1856-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-20T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "60121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60121"
},
{
"name": "FEDORA-2013-9096",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106791.html"
},
{
"name": "DSA-2681",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2681"
},
{
"name": "USN-1856-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1856-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60121"
},
{
"name": "FEDORA-2013-9096",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106791.html"
},
{
"name": "DSA-2681",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2681"
},
{
"name": "USN-1856-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1856-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2003",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2004 (GCVE-0-2013-2004)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-1854-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
| http://www.debian.org/security/2013/dsa-2693 | vendor-advisoryx_refsource_DEBIAN |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1854-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1854-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
},
{
"name": "DSA-2693",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1854-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1854-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
},
{
"name": "DSA-2693",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-1854-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1854-1"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
},
{
"name": "DSA-2693",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2004",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2005 (GCVE-0-2013-2005)
Vulnerability from cvelistv5 – Published: 2013-06-15 20:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.ubuntu.com/usn/USN-1865-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/60133 | vdb-entryx_refsource_BID |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.debian.org/security/2013/dsa-2680 | vendor-advisoryx_refsource_DEBIAN |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2013-9098",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html"
},
{
"name": "USN-1865-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1865-1"
},
{
"name": "60133",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60133"
},
{
"name": "openSUSE-SU-2013:1008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html"
},
{
"name": "DSA-2680",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2680"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-20T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2013-9098",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html"
},
{
"name": "USN-1865-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1865-1"
},
{
"name": "60133",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60133"
},
{
"name": "openSUSE-SU-2013:1008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html"
},
{
"name": "DSA-2680",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2680"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-9098",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106785.html"
},
{
"name": "USN-1865-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1865-1"
},
{
"name": "60133",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60133"
},
{
"name": "openSUSE-SU-2013:1008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00138.html"
},
{
"name": "DSA-2680",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2680"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2005",
"datePublished": "2013-06-15T20:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2062 (GCVE-0-2013-2062)
Vulnerability from cvelistv5 – Published: 2013-06-15 19:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-1861-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.debian.org/security/2013/dsa-2685 | vendor-advisoryx_refsource_DEBIAN |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2013:1046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00170.html"
},
{
"name": "USN-1861-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1861-1"
},
{
"name": "DSA-2685",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2685"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2013:1046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00170.html"
},
{
"name": "USN-1861-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1861-1"
},
{
"name": "DSA-2685",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2685"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1046",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00170.html"
},
{
"name": "USN-1861-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1861-1"
},
{
"name": "DSA-2685",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2685"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2062",
"datePublished": "2013-06-15T19:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2063 (GCVE-0-2013-2063)
Vulnerability from cvelistv5 – Published: 2013-06-15 19:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.ubuntu.com/usn/USN-1866-1 | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2013/dsa-2689 | vendor-advisoryx_refsource_DEBIAN |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2013-9073",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106886.html"
},
{
"name": "USN-1866-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1866-1"
},
{
"name": "openSUSE-SU-2013:1032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00160.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2689"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2013-9073",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106886.html"
},
{
"name": "USN-1866-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1866-1"
},
{
"name": "openSUSE-SU-2013:1032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00160.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2689"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2063",
"datePublished": "2013-06-15T19:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2064 (GCVE-0-2013-2064)
Vulnerability from cvelistv5 – Published: 2013-06-15 19:00 – Updated: 2024-08-06 15:20
VLAI
EPSS
Summary
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.debian.org/security/2013/dsa-2686 | vendor-advisoryx_refsource_DEBIAN |
| http://www.oracle.com/technetwork/security-adviso… | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.ubuntu.com/usn/USN-1855-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/60148 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2013/05/23/3 | mailing-listx_refsource_MLIST |
| http://www.x.org/wiki/Development/Security/Adviso… | x_refsource_CONFIRM |
Date Public
2013-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2686",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2686"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "FEDORA-2013-9070",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106752.html"
},
{
"name": "openSUSE-SU-2013:1007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00137.html"
},
{
"name": "USN-1855-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1855-1"
},
{
"name": "60148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60148"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-2686",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2686"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "FEDORA-2013-9070",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106752.html"
},
{
"name": "openSUSE-SU-2013:1007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00137.html"
},
{
"name": "USN-1855-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1855-1"
},
{
"name": "60148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60148"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2686",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2686"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "FEDORA-2013-9070",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106752.html"
},
{
"name": "openSUSE-SU-2013:1007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00137.html"
},
{
"name": "USN-1855-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1855-1"
},
{
"name": "60148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60148"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2064",
"datePublished": "2013-06-15T19:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:37.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…