6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.8%
Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.
CPE | Name | Operator | Version |
---|---|---|---|
openchrome:openchrome | openchrome | le | 0.3.2 |
x:libchromexvmc | x libchromexvmc | eq | - |
x:libchromexvmcpro | x libchromexvmcpro | eq | - |