CVE-2014-8094

Published: 10/12/2014 Updated: 13/02/2023
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 up to and including 1.16.x prior to 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write.

Vulnerable Product

x.org xorg-server 1.14.2

x.org xorg-server 1.10.1

x.org xorg-server 1.8.99.905

x.org xorg-server 1.13.1.901

x.org xorg-server 1.7.5.902

x.org xorg-server 1.7.4.901

x.org xorg-server 1.11.0

x.org xorg-server 1.7.2

x.org xorg-server 1.8.2.901

x.org xorg-server 1.12.1.902

x.org xorg-server 1.13.3

x.org xorg-server 1.10.6

x.org xorg-server 1.14.1.902

x.org xorg-server 1.11.3

x.org xorg-server 1.14.4.901

x.org xorg-server 1.10.4

x.org xorg-server 1.9.99.903

x.org xorg-server 1.16.0

x.org xorg-server 1.14.4

x.org xorg-server 1.10.99.901

x.org xorg-server 1.14.5.901

x.org xorg-server 1.12.3.901

x.org xorg-server 1.7.6.902

x.org xorg-server 1.15.2

x.org xorg-server 1.12.2

x.org xorg-server 1.11.2

x.org xorg-server 1.8.99.902

x.org xorg-server 1.7.1

x.org xorg-server 1.11.99.902

x.org xorg-server 1.9.3

x.org xorg-server 1.7.2.902

x.org xorg-server 1.8.0.901

x.org xorg-server 1.13.2.902

x.org xorg-server 1.9.0.901

x.org xorg-server 1.7.2.901

x.org xorg-server 1.16.1

x.org xorg-server 1.14.99.905

x.org xorg-server 1.9.0

x.org xorg-server 1.12.99.902

x.org xorg-server 1.8.0

x.org xorg-server 1.9.4

x.org xorg-server 1.13.99.902

x.org xorg-server 1.7.3

x.org xorg-server 1.12.0.902

x.org xorg-server 1.15.1

x.org xorg-server 1.9.3.902

x.org xorg-server 1.13.99.901

x.org xorg-server 1.13.0

x.org xorg-server 1.13.2.901

x.org xorg-server 1.16.1.901

x.org xorg-server 1.11.1.901

x.org xorg-server 1.15.0

x.org xorg-server 1.14.2.901

x.org xorg-server 1.14.7

x.org xorg-server 1.10.0.902

x.org xorg-server 1.11.3.901

x.org xorg-server 1.8.0.902

x.org xorg-server 1.11.99.2

x.org xorg-server 1.14.3.901

x.org xorg-server 1.13.0.902

x.org xorg-server 1.9.2

x.org xorg-server 1.12.3.902

x.org xorg-server 1.14.99.904

x.org xorg-server 1.7.99.1

x.org xorg-server 1.15.0.901

x.org xorg-server 1.14.3

x.org xorg-server 1.9.1

x.org xorg-server 1.8.99.901

x.org xorg-server 1.9.0.902

x.org xorg-server 1.9.3.901

x.org xorg-server 1.7.0.902

x.org xorg-server 1.9.99.901

x.org xorg-server 1.10.0.901

x.org xorg-server 1.12.99.901

x.org xorg-server 1.16.2.901

x.org xorg-server 1.12.2.901

x.org xorg-server 1.13.4

x.org xorg-server 1.16.0.901

x.org xorg-server 1.10.1.901

x.org xorg-server 1.10.1.902

x.org xorg-server 1.8.99.904

x.org xorg-server 1.14.1

x.org xorg-server 1.9.2.902

x.org xorg-server 1.8.1.902

x.org xorg-server 1.14.99.2

x.org xorg-server 1.11.2.902

x.org xorg-server 1.7.4.902

x.org xorg-server 1.14.99.902

x.org xorg-server 1.12.99.904

x.org xorg-server 1.10.99.902

x.org xorg-server 1.8.1.901

x.org xorg-server 1.7.0

x.org xorg-server 1.14.2.902

x.org xorg-server 1.12.99.903

x.org xorg-server 1.10.0

x.org xorg-server 1.7.5

x.org xorg-server 1.7.99.2

x.org xorg-server 1.10.3

x.org xorg-server 1.12.4

x.org xorg-server 1.13.1

x.org xorg-server 1.12.3

x.org xorg-server 1.11.99.901

x.org xorg-server 1.7.4

x.org xorg-server 1.10.3.901

x.org xorg-server 1.8.1

x.org xorg-server 1.7.3.902

x.org xorg-server 1.10.2.901

x.org xorg-server 1.9.5

x.org xorg-server 1.7.99.902

x.org xorg-server 1.15.99.902

x.org xorg-server 1.7.1.902

x.org xorg-server 1.9.2.901

x.org xorg-server 1.11.99.903

x.org xorg-server 1.14.5

x.org xorg-server 1.7.5.901

x.org xorg-server 1.16.2

x.org xorg-server 1.11.1

x.org xorg-server 1.11.99.1

x.org xorg-server 1.7.99.901

x.org xorg-server 1.7.6

x.org xorg-server 1.7.6.901

x.org xorg-server 1.14.1.901

x.org xorg-server 1.11.1.902

x.org xorg-server 1.14.99.903

x.org xorg-server 1.13.2

x.org xorg-server 1.14.0

x.org xorg-server 1.9.99.902

x.org xorg-server 1.12.2.902

x.org xorg-server 1.14.99.3

x.org xorg-server 1.8.2.902

x.org xorg-server 1.9.4.901

x.org xorg-server 1.12.0

x.org xorg-server 1.15.99.903

x.org xorg-server 1.13.0.901

x.org xorg-server 1.7.0.901

x.org xorg-server 1.11.3.902

x.org xorg-server 1.7.3.901

x.org xorg-server 1.11.4

x.org xorg-server 1.12.1.901

x.org xorg-server 1.15.99.904

x.org xorg-server 1.10.3.902

x.org xorg-server 1.12.0.901

x.org xorg-server 1.14.6

x.org xorg-server 1.10.2

x.org xorg-server 1.8.2

x.org xorg-server 1.7.1.901

x.org xorg-server 1.12.99.905

x.org xorg-server 1.8.99.903

x.org xorg-server 1.11.2.901

x.org xorg-server 1.16.2.99.901

x.org xorg-server 1.7.7

x.org xorg-server 1.10.2.902

x.org xorg-server 1.14.99.901

x.org xorg-server 1.14.99.1

x.org xorg-server 1.15.99.901

oracle solaris 11.2

oracle solaris 10

debian debian linux 7.0

Vendor Advisories

Synopsis: Important: xorg-x11-server security update. Type/Severity: Security Advisory: Important. Topic: Updated xorg-x11-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Com ...
Several security issues were fixed in the X.Org X server ...
Ilja van Sprundel of IOActive discovered several security issues in the Xorg X server, which may lead to privilege escalation or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 1124-6+deb7u5. For the upcoming stable distribution (jessie), these problems will be fixed soon. For the unstable distr ...
Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges (CVE-2 ...