Lucene search

K

[email protected]NVD:CVE-2013-1998

HistoryJun 15, 2013 - 8:55 p.m.

CVE-2013-1998

2013-06-1520:55:00

CWE-119

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

86.0%

Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.

Affected configurations

NVD

Node

x.orglibxiRange≤1.7.1

OR

x.orglibxiMatch1.5.0

OR

x.orglibxiMatch1.5.99.2

OR

x.orglibxiMatch1.5.99.3

OR

x.orglibxiMatch1.6.0

OR

x.orglibxiMatch1.6.1

OR

x.orglibxiMatch1.6.2

OR

x.orglibxiMatch1.6.99.1

OR

x.orglibxiMatch1.7

References

lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html

lists.opensuse.org/opensuse-updates/2013-06/msg00161.html

www.debian.org/security/2013/dsa-2683

www.openwall.com/lists/oss-security/2013/05/23/3

www.securityfocus.com/bid/60127

www.ubuntu.com/usn/USN-1859-1

www.x.org/wiki/Development/Security/Advisory-2013-05-23

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

86.0%

Related for NVD:CVE-2013-1998

cve1 prion1 cvelist1 ubuntucve1 debiancve1 openvas14 ubuntu1 fedora2 nessus17 securityvulns2 debian1 veracode25 amazon1 centos1 redhat1 freebsd1 mageia1 gentoo1 oracle1