Lucene search

K

[email protected]NVD:CVE-2013-1981

HistoryJun 15, 2013 - 7:55 p.m.

CVE-2013-1981

2013-06-1519:55:00

CWE-189

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.

Affected configurations

NVD

Node

xlibx11Range≤1.5.99.901

OR

xlibx11Match1.5.0

Node

canonicalubuntu_linuxMatch10.04-lts

OR

canonicalubuntu_linuxMatch12.04-lts

OR

canonicalubuntu_linuxMatch12.10

OR

canonicalubuntu_linuxMatch13.04

References

lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html

www.debian.org/security/2013/dsa-2693

www.openwall.com/lists/oss-security/2013/05/23/3

www.securityfocus.com/bid/60120

www.ubuntu.com/usn/USN-1854-1

www.x.org/wiki/Development/Security/Advisory-2013-05-23

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

Related for NVD:CVE-2013-1981

cve1 debiancve1 prion1 veracode26 ubuntucve1 cvelist1 nessus18 openvas14 fedora2 ubuntu1 debian1 securityvulns2 ibm4 amazon1 redhat1 centos1 freebsd1 mageia1 gentoo1