Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Oracle
  • Secure Global Desktop
X
  • Libxcb
Canonical
  • Ubuntu Linux
Fedoraproject
  • Fedora
Debian
  • Debian Linux
Opensuse
  • Opensuse

Configuration 1 [-]

OR cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
cpe:2.3:a:oracle:secure_global_desktop:5.2:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:a:x:libxcb:*:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106752.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-06/msg00137.html Third Party Advisory
http://www.debian.org/security/2013/dsa-2686 Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/05/23/3 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Vendor Advisory
http://www.securityfocus.com/bid/60148
http://www.ubuntu.com/usn/USN-1855-1 Third Party Advisory
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2013-06-15T19:00:00

Updated: 2016-11-25T19:57:01

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-2064

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2013-06-15T19:55:01.233

Modified: 2018-10-30T16:27:34.373

Link: CVE-2013-2064

JSON object: View

cve-icon Redhat Information

No data.

CWE