7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
86.1%
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros
in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote
attackers to have unspecified impact via a crafted request, which triggers
a buffer overflow.
Author | Note |
---|---|
mdeslaur | all build dependencies that use the MakeBigReq macro, or that use the SetReqLen macro need to be rebuilt |