5
CVSSv2

CVE-2015-3418

Published: 13/12/2016 Updated: 30/01/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) prior to 1.16.4 allows malicious users to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.

Vulnerability Trend

Vendor Advisories

A divide-by-zero flaw was found in the way the XOrg server checked the dimensions of certain images An attacker could potentially crash the XOrg server by tricking a suitable X application into displaying a specially crafted image file ...
<!-- content goes here --> Oracle Solaris Third Party Bulletin - April 2015 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when ...
<!-- content goes here --> Oracle Solaris Third Party Bulletin - October 2015 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day wh ...