Vulnerability CVE-2013-1988: Information

Description

Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.

Severity: MEDIUM (6.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2013-1988
Published: June 15, 2013
Modified: Nov. 25, 2013
Error type identifier: CWE-189

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libXresp81.2.0-alt0.M80P.11.2.0-alt0.M80P.1ALT-PU-2017-2486-1191294Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
  • Vendor Advisory
[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries
    openSUSE-SU-2013:1027
      DSA-2688
        USN-1864-1
          FEDORA-2013-9060

              1. Configuration 1

                cpe:2.3:a:x:libxres:*:*:*:*:*:*:*:*
                End including
                1.0.6
                cpe:2.3:a:x:libxres:1.0.1:*:*:*:*:*:*:*
                cpe:2.3:a:x:libxres:1.0.4:*:*:*:*:*:*:*
                cpe:2.3:a:x:libxres:1.0.2:*:*:*:*:*:*:*
                cpe:2.3:a:x:libxres:1.0.5:*:*:*:*:*:*:*
                cpe:2.3:a:x:libxres:1.0.3:*:*:*:*:*:*:*
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.4.2
            Back to top