Lucene search

K
freebsdFreeBSDFD24A530-C202-11EB-B217-B42E99639323
HistoryMay 02, 2021 - 12:00 a.m.

wayland -- integer overflow

2021-05-0200:00:00
vuxml.freebsd.org
14
wayland
vulnerability
integer overflow
libxcursor
cve-2013-2003
unix

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.006

Percentile

77.7%

Tobias Stoeckmann reports:

The libXcursor fix for CVE-2013-2003 has never been imported into wayland, leaving it vulnerable to it.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchwayland< 1.19.0_1UNKNOWN

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.006

Percentile

77.7%