CVE-2013-2004
published 2013-06-15CVE-2013-2004: The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing…
PriorityP425medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.58%
72.4th percentile
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libx11 | < libx11 2:1.5.0-1+deb7u1 (bookworm) | libx11 2:1.5.0-1+deb7u1 (bookworm) |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x.org | libx11 | >= 0 < 2:1.5.0-1+deb7u1 | 2:1.5.0-1+deb7u1 |
| x | libx11 | <= 1.5.99.901 | — |
| x | libx11 | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wmfq-hvmh-r97h: The (1) GetDatabase and (2) _XimParseStringFile functions in X
ghsa_unreviewed·2022-05-17
CVE-2013-2004 [MEDIUM] CWE-119 GHSA-wmfq-hvmh-r97h: The (1) GetDatabase and (2) _XimParseStringFile functions in X
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
OSV
CVE-2013-2004: The (1) GetDatabase and (2) _XimParseStringFile functions in X
osv·2013-06-15·CVSS 6.8
CVE-2013-2004 [MEDIUM] CVE-2013-2004: The (1) GetDatabase and (2) _XimParseStringFile functions in X
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
Ubuntu
libx11 vulnerabilities
vendor_ubuntu·2013-06-05
CVE-2013-1981 libx11 vulnerabilities
Title: libx11 vulnerabilities
Summary: Several security issues were fixed in libx11.
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Instructions: After a standard system update you need to restart your session to make all
the necessary changes.
Red Hat
libX11: unbounded recursion leading to stack-overflow
vendor_redhat·2013-05-23·CVSS 6.8
CVE-2013-2004 [MEDIUM] CWE-835 libX11: unbounded recursion leading to stack-overflow
libX11: unbounded recursion leading to stack-overflow
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file.
Statement: This issue affects the libX11 package in Red Hat Enterprise Linux 5. Red Hat Product Security has rated this issue as having Low security impact. This issue is not planned to be fixed in Red Hat Enterp
Red Hat
kvm: qemu-nbd block format auto-detection vulnerability
vendor_redhat·2013-04-15·CVSS 4.9
CVE-2013-1922 [MEDIUM] kvm: qemu-nbd block format auto-detection vulnerability
kvm: qemu-nbd block format auto-detection vulnerability
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004.
Statement: Not vulnerable.
This issue does not affect versions of kvm and xen packages as shipped with Red Hat Enterprise Linux 5. This issue does not affect versions of qemu-kvm packages as shipped with Red Hat Enterprise Linux 5 and 6.
Package: kvm (Red Hat Enterprise Linux 5) - Not affected
Package: qemu-kvm (Red Hat Enterprise Linux 6) - Not affected
Debian
CVE-2013-2004: libx11 - The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99...
vendor_debian·2013·CVSS 6.8
CVE-2013-2004 [MEDIUM] CVE-2013-2004: libx11 - The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99...
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
Scope: local
bookworm: resolved (fixed in 2:1.5.0-1+deb7u1)
bullseye: resolved (fixed in 2:1.5.0-1+deb7u1)
forky: resolved (fixed in 2:1.5.0-1+deb7u1)
sid: resolved (fixed in 2:1.5.0-1+deb7u1)
trixie: resolved (fixed in 2:1.5.0-1+deb7u1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-1981 CVE-2013-2004 libX11 various flaws [fedora-all]
bugzilla·2013-05-23·CVSS 6.8
CVE-2013-1981 [MEDIUM] CVE-2013-1981 CVE-2013-2004 libX11 various flaws [fedora-all]
CVE-2013-1981 CVE-2013-2004 libX11 various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple su
Bugzilla
CVE-2013-2004 libX11: unbounded recursion leading to stack-overflow
bugzilla·2013-05-03·CVSS 6.8
CVE-2013-2004 [MEDIUM] CVE-2013-2004 libX11: unbounded recursion leading to stack-overflow
CVE-2013-2004 libX11: unbounded recursion leading to stack-overflow
IssueDescription:
Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file.
Discussion:
Public via:
http://www.openwall.com/lists/oss-security/2013/05/23/3
---
Upstream patches:
http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=236b603d235dc264d1c6250dca09c745458a9088 [1/2]
http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=226622349a4b1e16064649d4444a34fb4be4f464 [2/2]
---
This issue affects the versions of the libX11 package, as shipped with Fedora release of 17 and 18. Please schedule an update.
---
Created libX
Bugzilla
CVE-2013-1922 qemu, qemu-kvm, kvm: qemu-nbd block format auto-detection vulnerability
bugzilla·2013-03-19·CVSS 4.9
CVE-2013-1922 [MEDIUM] CVE-2013-1922 qemu, qemu-kvm, kvm: qemu-nbd block format auto-detection vulnerability
CVE-2013-1922 qemu, qemu-kvm, kvm: qemu-nbd block format auto-detection vulnerability
A security flaw was found in the way qemu-nbd, the QEMU Disk Network Block Device server tool of QEMU, performed detection of image formats (the image format has been previously autodetected). A guest operating system administrator could write a header to particular raw disk image format, describing another format than original one for that disk image, leading to scenario in which after restart of that guest, QEMU would detect new format of the image, and could allow the guest to read any file on the host if QEMU was sufficiently privileged.
A different vulnerability that CVE-2008-2004.
Discussion:
Acknowledgements:
This issue was found by Daniel Berrange of Red Hat.
---
Created attachment 712650
P
http://www.debian.org/security/2013/dsa-2693http://www.openwall.com/lists/oss-security/2013/05/23/3http://www.ubuntu.com/usn/USN-1854-1http://www.x.org/wiki/Development/Security/Advisory-2013-05-23http://www.debian.org/security/2013/dsa-2693http://www.openwall.com/lists/oss-security/2013/05/23/3http://www.ubuntu.com/usn/USN-1854-1http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
2013-06-15
Published