CVE-2013-4396

🗓️ 10 Oct 2013 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 25 Views

Use-after-free vuln in doImageText function, xorg-server module before 1.14.

Reporter	Title	Published	Views	Family All 79
FreeBSD	xorg-server -- use-after-free	8 Oct 201300:00	–	freebsd
Tenable Nessus	AIX 6.1 TL 7 : xorg (IV52181)	22 Jan 201400:00	–	nessus
Tenable Nessus	AIX 6.1 TL 8 : xorg (IV52184)	22 Jan 201400:00	–	nessus
Tenable Nessus	AIX 7.1 TL 1 : xorg (IV52185)	22 Jan 201400:00	–	nessus
Tenable Nessus	AIX 7.1 TL 2 : xorg (IV52186)	22 Jan 201400:00	–	nessus
Tenable Nessus	AIX 6.1 TL 9 : xorg (IV52978)	5 Feb 201400:00	–	nessus
Tenable Nessus	AIX 7.1 TL 3 : xorg (IV53246)	5 Feb 201400:00	–	nessus
Tenable Nessus	AIX 5.3 TL 12 : xorg (IV53331)	22 Jan 201400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : xorg-x11-server (ALAS-2013-234)	14 Nov 201300:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : xorg-x11-server (CESA-2013:1426)	17 Oct 201300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	12.04	any	xorg-server	2:1.11.4-0ubuntu10.14	xorg-server_2:1.11.4-0ubuntu10.14_any.deb
Ubuntu	12.10	any	xorg-server	2:1.13.0-0ubuntu6.4	xorg-server_2:1.13.0-0ubuntu6.4_any.deb
Ubuntu	13.04	any	xorg-server	2:1.13.3-0ubuntu6.2	xorg-server_2:1.13.3-0ubuntu6.2_any.deb
Ubuntu	12.04	any	xorg-server-lts-quantal	2:1.13.0-0ubuntu6.1~precise4	xorg-server-lts-quantal_2:1.13.0-0ubuntu6.1~precise4_any.deb
Ubuntu	12.04	any	xorg-server-lts-raring	2:1.13.3-0ubuntu6~precise3	xorg-server-lts-raring_2:1.13.3-0ubuntu6~precise3_any.deb

Source	Link
openwall	www.openwall.com/lists/oss-security/2013/10/08/6
ubuntu	www.ubuntu.com/security/notices/USN-1990-1
cve	www.cve.org/CVERecord

24 Jul 2024 15:57Current

7.2High risk

Vulners AI Score7.2

CVSS 26.5

EPSS0.01971

vulnerability x.org x11 remote attack memory allocation dos arbitrary code imagetext request