Vulnerability Details : CVE-2013-1985
Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.
Vulnerability category: Overflow, Input validation
Products affected by CVE-2013-1985
- cpe:2.3:a:x:libxinerama:*:*:*:*:*:*:*:*
- cpe:2.3:a:x:libxinerama:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:x:libxinerama:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:x:libxinerama:1.0.99.1:*:*:*:*:*:*:*
- cpe:2.3:a:x:libxinerama:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:x:libxinerama:1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-1985
0.50%: Probability of exploitation activity in the next 30 days
~ 76%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-1985
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
CWE ids for CVE-2013-1985
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1985
- http://www.debian.org/security/2013/dsa-2691
  Debian -- Security Information -- DSA-2691-1 libxinerama
- http://www.openwall.com/lists/oss-security/2013/05/23/3
  oss-security - Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00154.html
  openSUSE-SU-2013:1026-1: moderate: update for libXinerama
- http://www.ubuntu.com/usn/USN-1860-1
  USN-1860-1: libxinerama vulnerability | Ubuntu security notices
- http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
  X.Org Security Advisory: May 23, 2013 (Vendor Advisory)
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106845.html
  [SECURITY] Fedora 19 Update: libXinerama-1.1.2-5.20130524git99c644fc8.fc19