CVE-2013-7439
published 2015-04-16

Priority: P341, high, 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 4.28% (89.9th percentile)

Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.

Affected

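52 ranges · showing 25

Vendor | Product | Version range | Fixed in
canonical | ubuntu_linux | - | -
canonical | ubuntu_linux | - | -
canonical | ubuntu_linux | - | -
debian | debian_linux | - | -
debian | libx11 | < libx11 2:1.6.0-1 (bookworm) | libx11 2:1.6.0-1 (bookworm)
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -
x.org | libx11 | - | -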

CVSS provenance

nvd: v2.0, 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
osv: 7.5 HIGH
vendor_debian: 7.5 HIGH
vendor_redhat: 7.5 HIGH