7.5
CVSSv2

CVE-2017-12186

Published: 24/01/2018 Updated: 09/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

xorg-x11-server prior to 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 8.0

debian debian linux 9.0

x.org xorg-server

Vendor Advisories

xorg-x11-server before 1195 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code ...
Several vulnerabilities have been discovered in the XOrg X server An attacker who's able to connect to an X server could cause a denial of service or potentially the execution of arbitrary code For the oldstable distribution (jessie), these problems have been fixed in version 2:1164-1+deb8u2 For the stable distribution (stretch), these proble ...
Oracle Solaris Third Party Bulletin - October 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critic ...