Published: 15/06/2013 Updated: 16/10/2015

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

X.org libFS 1.0.4 and previous versions allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
x libfs 1.0.3
x libfs 1.0.1
x libfs
x libfs 1.0.2

Several security issues were fixed in libfs ...

Ilja van Sprundel of IOActive discovered several security issues in multiple components of the Xorg graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service For the oldstab ...

Xorg libFS 104 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function ...

CWE-119 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.debian.org/security/2013/dsa-2687 http://www.ubuntu.com/usn/USN-1853-1 http://www.securityfocus.com/bid/60130 https://usn.ubuntu.com/1853-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2013-1996

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-1996

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect