CVE-2013-1992

2013-06-1519:55:01

CWE-189

redhat

web.nvd.nist.gov

x.org

libdmx

integer overflow

memory allocation

buffer overflow

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.4%

JSON

Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions.

Affected configurations

Nvd

Node

xlibdmxRange≤1.1.2

xlibdmxMatch1.0.2

xlibdmxMatch1.0.99.1

xlibdmxMatch1.1.0

xlibdmxMatch1.1.1

VendorProductVersionCPE
xlibdmx*cpe:2.3:a:x:libdmx:*:*:*:*:*:*:*:*
xlibdmx1.0.2cpe:2.3:a:x:libdmx:1.0.2:*:*:*:*:*:*:*
xlibdmx1.0.99.1cpe:2.3:a:x:libdmx:1.0.99.1:*:*:*:*:*:*:*
xlibdmx1.1.0cpe:2.3:a:x:libdmx:1.1.0:*:*:*:*:*:*:*
xlibdmx1.1.1cpe:2.3:a:x:libdmx:1.1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
x	libdmx	*	cpe:2.3:a:x:libdmx::::::::
x	libdmx	1.0.2	cpe:2.3:a:x:libdmx:1.0.2:::::::*
x	libdmx	1.0.99.1	cpe:2.3:a:x:libdmx:1.0.99.1:::::::*
x	libdmx	1.1.0	cpe:2.3:a:x:libdmx:1.1.0:::::::*
x	libdmx	1.1.1	cpe:2.3:a:x:libdmx:1.1.1:::::::*