7.5
CVSSv2

CVE-2017-12178

Published: 24/01/2018 Updated: 09/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

xorg-x11-server prior to 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Vendor Advisories

xorg-x11-server before 1195 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code ...
A security issue has been found in the Xi component of xorg-server, due to an invalid length check in ProcXIChangeHierarchy ...
Arch Linux Security Advisory ASA-201710-29 ========================================== Severity: High Date : 2017-10-21 CVE-ID : CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12183 Package : xorg-server Type : arbitrary code execution Remote : Yes Link : securityarchlinuxorg/AVG-443 Summary ======= The package xorg-se ...
Several vulnerabilities have been discovered in the XOrg X server An attacker who's able to connect to an X server could cause a denial of service or potentially the execution of arbitrary code For the oldstable distribution (jessie), these problems have been fixed in version 2:1164-1+deb8u2 For the stable distribution (stretch), these proble ...
Oracle Solaris Third Party Bulletin - October 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critic ...