libX11: Off-by-one error in XListExtensions in ListExt.c

An off-by-one error has been discovered in libX11 in functions XGetFontPath, XListExtensions, and XListFonts. An attacker who can either configure a malicious X server or modify the data coming from one could use this flaw to make the program crash or have other unspecified effects, caused by the...

The vulnerability of the XListExtensions function in the client-side API library for the X Window System libX11 allows a attacker to cause a service failure.

The vulnerability of the XListExtensions function ListExt.c in the client API library for the X Window System libX11 is related to an “unit not counted” error. Exploiting this vulnerability allows a remote attacker to cause a service failure through a specially crafted server response...

DEBIAN-CVE-2018-14598

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS segmentation fault...

ALPINE-CVE-2018-14600

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write of up to 128 bytes, leading to DoS or remote code execution...

UBUNTU-CVE-2018-14600

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write of up to 128 bytes, leading to DoS or remote code execution...