CVE-2013-1981
published 2013-06-15CVE-2013-1981: Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow…
PriorityP432medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.40%
69.0th percentile
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | libx11 | < libx11 2:1.5.0-1+deb7u1 (bookworm) | libx11 2:1.5.0-1+deb7u1 (bookworm) |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x | libx11 | <= 1.5.99.901 | — |
| x | libx11 | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libx11 vulnerabilities
vendor_ubuntu·2013-06-05
CVE-2013-1981 libx11 vulnerabilities
Title: libx11 vulnerabilities
Summary: Several security issues were fixed in libx11.
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Instructions: After a standard system update you need to restart your session to make all
the necessary changes.
Red Hat
libX11: Multiple integer overflows leading to heap-based buffer-overflows
vendor_redhat·2013-05-23·CVSS 6.8
CVE-2013-1981 [MEDIUM] CWE-190 libX11: Multiple integer overflows leading to heap-based buffer-overflows
libX11: Multiple integer overflows leading to heap-based buffer-overflows
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
Statement: This issue affects the libX11 package in Red Hat Enterprise Linux 5. Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not planned to be fixed in Red Hat En
Debian
CVE-2013-1981: libx11 - Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allo...
vendor_debian·2013·CVSS 6.8
CVE-2013-1981 [MEDIUM] CVE-2013-1981: libx11 - Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allo...
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
Scope: local
bookworm: resolved (fixed in 2:1.5.0-1+deb7u1)
bullseye: resolved (fixed in 2:1.5.0-1+deb7u1)
forky: resolved (fixed in 2:1.5.0-1+deb7u1)
sid: resolved (fixed in 2:1.5.0-1+deb7u1)
trixie: resolved (fixed in 2:1.5.0-1+deb7u1)
GHSA
GHSA-h27q-wm75-844h: Multiple integer overflows in X
ghsa_unreviewed·2022-05-17
CVE-2013-1981 [MEDIUM] GHSA-h27q-wm75-844h: Multiple integer overflows in X
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
OSV
CVE-2013-1981: Multiple integer overflows in X
osv·2013-06-15·CVSS 6.8
CVE-2013-1981 [MEDIUM] CVE-2013-1981: Multiple integer overflows in X
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-1981 CVE-2013-2004 libX11 various flaws [fedora-all]
bugzilla·2013-05-23·CVSS 6.8
CVE-2013-1981 [MEDIUM] CVE-2013-1981 CVE-2013-2004 libX11 various flaws [fedora-all]
CVE-2013-1981 CVE-2013-2004 libX11 various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple su
Bugzilla
CVE-2013-1981 libX11: Multiple integer overflows leading to heap-based buffer-overflows
bugzilla·2013-05-03·CVSS 6.8
CVE-2013-1981 [MEDIUM] CVE-2013-1981 libX11: Multiple integer overflows leading to heap-based buffer-overflows
CVE-2013-1981 libX11: Multiple integer overflows leading to heap-based buffer-overflows
Several integer overflow flaws causing heap-based buffer overflows were found in libX11, the Core X11 protocol client library.
Note from upstream:
Most of these issues stem from the client libraries trusting the server to send correct protocol data, and not verifying that the values will not overflow or cause other damage. Most of the time X clients & servers are run by the same user, with the server more privileged from the clients, so this is not a problem, but there are scenarios in which a privileged client can be connected to an unprivileged server, for instance, connecting a setuid X client (such as a screen lock program) to a virtual X server(such as Xvfb or Xephyr) the user has modified to re
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.htmlhttp://www.debian.org/security/2013/dsa-2693http://www.openwall.com/lists/oss-security/2013/05/23/3http://www.securityfocus.com/bid/60120http://www.ubuntu.com/usn/USN-1854-1http://www.x.org/wiki/Development/Security/Advisory-2013-05-23http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.htmlhttp://www.debian.org/security/2013/dsa-2693http://www.openwall.com/lists/oss-security/2013/05/23/3http://www.securityfocus.com/bid/60120http://www.ubuntu.com/usn/USN-1854-1http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
2013-06-15
Published