CVE-2017-13721
published 2017-10-10CVE-2017-13721: In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause…
medium4.7CVSS 3.0
AVLACHPRLUINSUCNINAH
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | xorg-server | < xorg-server 2:1.19.4-1 (bookworm) | xorg-server 2:1.19.4-1 (bookworm) |
| x.org | x_server | <= 1.19.3 | — |
| x.org | xorg-server | >= 0 < 2:1.19.4-1 | 2:1.19.4-1 |
| x.org | xorg-server | >= 0 < 2:1.19.4-1 | 2:1.19.4-1 |
| x.org | xorg-server | >= 0 < 2:1.19.4-1 | 2:1.19.4-1 |
| x.org | xorg-server | >= 0 < 2:1.19.4-1 | 2:1.19.4-1 |
| x.org | xorg-server | >= 0 < 2:1.15.1-0ubuntu2.10 | 2:1.15.1-0ubuntu2.10 |
| x.org | xorg-server | >= 0 < 2:1.18.4-0ubuntu0.6 | 2:1.18.4-0ubuntu0.6 |
CVSS provenance
nvdv3.04.7MEDIUMCVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
osv4.7MEDIUM