Vulnerability Details : CVE-2012-1699
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
Vulnerability category: OverflowMemory CorruptionDenial of service
Products affected by CVE-2012-1699
- cpe:2.3:a:x:x.org_x11:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:xfree86:xfree86:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-1699
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-1699
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.6
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:P |
3.9
|
4.9
|
NIST |
CWE ids for CVE-2012-1699
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-1699
-
http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html
X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86 3.3.3
-
https://bugzilla.redhat.com/show_bug.cgi?id=842841
842841 – (CVE-2012-1699) CVE-2012-1699 xorg-x11: DoS and information leak in xfs prior to X11R6.7
-
http://marc.info/?l=bugtraq&m=135765511704334&w=2
'[security bulletin] HPSBUX02829 SSRT100883 rev.1 - HP-UX Running X Font Server (xfs) Software, Local' - MARC
-
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of
CVE-2012-1699 Denial of Service (DoS) vulnerability in X.Org | Oracle Third Party Vulnerability Resolution Blog
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369
Repository / Oval Repository
-
http://invisible-island.net/ansification/ansify-xfs-cve.html
ANSI-fication revisited for CVE-2012-1699
-
http://twitter.com/bsdaemon/status/228958599790071809
Rodrigo Branco on Twitter: "CVE-2012-1699 finally released by Oracle. Solaris 9 http://t.co/96ysMsHm full memleak"
Jump to