CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

X : Security Vulnerabilities Published In 2013 (Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-2066 119 DoS Exec Code Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.
2 CVE-2013-2064 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
3 CVE-2013-2063 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.
4 CVE-2013-2062 189 Overflow 2013-06-15 2013-09-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.
5 CVE-2013-2005 119 Overflow Mem. Corr. 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
6 CVE-2013-2004 119 DoS Overflow 2013-06-15 2013-06-20
6.8
None Remote Medium Not required Partial Partial Partial
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
7 CVE-2013-2003 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
8 CVE-2013-2002 189 DoS Exec Code Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
9 CVE-2013-2001 119 DoS Exec Code Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.
10 CVE-2013-2000 119 DoS Exec Code Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.
11 CVE-2013-1999 119 DoS Exec Code Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.
12 CVE-2013-1998 119 DoS Exec Code Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
13 CVE-2013-1997 119 DoS Exec Code Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
14 CVE-2013-1996 119 Overflow 2013-06-15 2013-06-20
6.8
None Remote Medium Not required Partial Partial Partial
X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function.
15 CVE-2013-1995 119 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
16 CVE-2013-1994 189 Overflow 2013-06-15 2013-06-20
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.
17 CVE-2013-1993 189 Overflow 2013-06-15 2014-01-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.
18 CVE-2013-1992 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions.
19 CVE-2013-1991 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.
20 CVE-2013-1990 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.
21 CVE-2013-1989 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function.
22 CVE-2013-1988 189 Overflow 2013-06-15 2013-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.
23 CVE-2013-1987 189 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.
24 CVE-2013-1986 189 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.
25 CVE-2013-1985 20 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.
26 CVE-2013-1984 189 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
27 CVE-2013-1983 189 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
28 CVE-2013-1982 189 Overflow 2013-06-15 2013-06-20
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.
29 CVE-2013-1981 189 Overflow 2013-06-15 2013-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
Total number of vulnerabilities : 29   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.