CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
76.2%
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
Vendor | Product | Version | CPE |
---|---|---|---|
x.org | libxi | * | cpe:2.3:a:x.org:libxi:*:*:*:*:*:*:*:* |
x.org | libxi | 1.5.0 | cpe:2.3:a:x.org:libxi:1.5.0:*:*:*:*:*:*:* |
x.org | libxi | 1.5.99.2 | cpe:2.3:a:x.org:libxi:1.5.99.2:*:*:*:*:*:*:* |
x.org | libxi | 1.5.99.3 | cpe:2.3:a:x.org:libxi:1.5.99.3:*:*:*:*:*:*:* |
x.org | libxi | 1.6.0 | cpe:2.3:a:x.org:libxi:1.6.0:*:*:*:*:*:*:* |
x.org | libxi | 1.6.1 | cpe:2.3:a:x.org:libxi:1.6.1:*:*:*:*:*:*:* |
x.org | libxi | 1.6.2 | cpe:2.3:a:x.org:libxi:1.6.2:*:*:*:*:*:*:* |
x.org | libxi | 1.6.99.1 | cpe:2.3:a:x.org:libxi:1.6.99.1:*:*:*:*:*:*:* |
x.org | libxi | 1.7 | cpe:2.3:a:x.org:libxi:1.7:*:*:*:*:*:*:* |