6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.1%
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service (CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-1992, CVE-2013-1993, CVE-2013-1994, CVE-2013-1995, CVE-2013-1996, CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2003, CVE-2013-2004, CVE-2013-2005, CVE-2013-2062, CVE-2013-2063, CVE-2013-2064, CVE-2013-2066). An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-1872).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | libdmx | < 1.1.3-1 | libdmx-1.1.3-1.mga3 |
Mageia | 3 | noarch | libfs | < 1.0.5-1 | libfs-1.0.5-1.mga3 |
Mageia | 3 | noarch | libx11 | < 1.6.0-1 | libx11-1.6.0-1.mga3 |
Mageia | 3 | noarch | libxcb | < 1.9.1-1 | libxcb-1.9.1-1.mga3 |
Mageia | 3 | noarch | libxcursor | < 1.1.14-1 | libxcursor-1.1.14-1.mga3 |
Mageia | 3 | noarch | libxext | < 1.3.2-1 | libxext-1.3.2-1.mga3 |
Mageia | 3 | noarch | libxfixes | < 5.0.1-1 | libxfixes-5.0.1-1.mga3 |
Mageia | 3 | noarch | libxi | < 1.6.2.901-1 | libxi-1.6.2.901-1.mga3 |
Mageia | 3 | noarch | libxinerama | < 1.1.3-1 | libxinerama-1.1.3-1.mga3 |
Mageia | 3 | noarch | libxp | < 1.0.2-1 | libxp-1.0.2-1.mga3 |
www.debian.org/security/2013/dsa-2673
www.debian.org/security/2013/dsa-2674
www.debian.org/security/2013/dsa-2675
www.debian.org/security/2013/dsa-2676
www.debian.org/security/2013/dsa-2677
www.debian.org/security/2013/dsa-2678
www.debian.org/security/2013/dsa-2679
www.debian.org/security/2013/dsa-2680
www.debian.org/security/2013/dsa-2681
www.debian.org/security/2013/dsa-2682
www.debian.org/security/2013/dsa-2683
www.debian.org/security/2013/dsa-2684
www.debian.org/security/2013/dsa-2685
www.debian.org/security/2013/dsa-2686
www.debian.org/security/2013/dsa-2687
www.debian.org/security/2013/dsa-2688
www.debian.org/security/2013/dsa-2689
www.debian.org/security/2013/dsa-2690
www.debian.org/security/2013/dsa-2691
www.debian.org/security/2013/dsa-2692
www.debian.org/security/2013/dsa-2693
www.x.org/wiki/Development/Security/Advisory-2013-05-23
bugs.mageia.org/show_bug.cgi?id=10565
rhn.redhat.com/errata/RHSA-2013-0897.html