CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
88.8%
The XvQueryAdaptors and XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data (CVE-2016-5407). The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations (CVE-2016-7942). The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations (CVE-2016-7943). Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync (CVE-2016-7944). Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields (CVE-2016-7945). X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields (CVE-2016-7946). Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response (CVE-2016-7947). X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data (CVE-2016-7948). Multiple buffer overflows in the XvQueryAdaptors and XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields (CVE-2016-7949). The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths (CVE-2016-7950). Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks (CVE-2016-7951). X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the XRecordStartOfData, XRecordEndOfData, or XRecordClientDied category without a client sequence and with attached data (CVE-2016-7952). Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string (CVE-2016-7953).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | libx11 | < 1.6.5-1 | libx11-1.6.5-1.mga5 |
Mageia | 5 | noarch | libxv | < 1.0.11-1 | libxv-1.0.11-1.mga5 |
Mageia | 5 | noarch | libxrender | < 0.9.10-1 | libxrender-0.9.10-1.mga5 |
Mageia | 5 | noarch | libxtst | < 1.2.3-1 | libxtst-1.2.3-1.mga5 |
Mageia | 5 | noarch | libxi | < 1.7.7-1 | libxi-1.7.7-1.mga5 |
Mageia | 5 | noarch | libxrandr | < 1.4.2-4.1 | libxrandr-1.4.2-4.1.mga5 |
Mageia | 5 | noarch | libxfixes | < 5.0.3-1 | libxfixes-5.0.3-1.mga5 |
Mageia | 5 | noarch | libxvmc | < 1.0.10-1 | libxvmc-1.0.10-1.mga5 |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
88.8%