exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2013-4396

Status Candidate

Overview

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Related Files

Mandriva Linux Security Advisory 2013-260
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-260 - Multiple vulnerabilities have been discovered and corrected in x11-server. The updated packages have been patched to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1166, CVE-2011-4028, CVE-2013-1940, CVE-2013-4396
SHA-256 | 50969d2a09bdf2e48ce14b12843f678f7e90396dd3d3c735132e96cfb2be5013
Mandriva Linux Security Advisory 2013-259
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-259 - Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4396
SHA-256 | d73de32034766dc93737b3ea8cb07c6ae13f7aee39585ad2d16563b6745e2abb
Debian Security Advisory 2784-1
Posted Oct 22, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2784-1 - Pedro Ribeiro discovered a use-after-free in the handling of ImageText requests in the Xorg Xserver, which could result in denial of service or privilege escalation.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2013-4396
SHA-256 | 82535cd588a62e5fc585f940c3816c00eb6aca566b9ff38c936e61a5a546ec92
Ubuntu Security Notice USN-1990-1
Posted Oct 17, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1990-1 - Pedro Ribeiro discovered that the X.Org X server incorrectly handled memory operations when handling ImageText requests. An attacker could use this issue to cause X.Org to crash, or to possibly execute arbitrary code. It was discovered that non-root X.Org X servers such as Xephyr incorrectly used cached xkb files. A local attacker could use this flaw to cause a xkb cache file to be loaded by another user, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2013-4396, CVE-2013-1056, CVE-2013-1056, CVE-2013-4396
SHA-256 | 20ef9ae65651b3045515f2137dfaa94de9ff70a34ee665c2b80c0fb149236b52
Red Hat Security Advisory 2013-1426-01
Posted Oct 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1426-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-4396
SHA-256 | d72ffb1f45e9412968049f5b566eaaed14e469d38fd22929209af914c61bb2d6
Slackware Security Advisory - xorg-server Updates
Posted Oct 16, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New xorg-server packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-4396.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4396
SHA-256 | d63fcb06cd8e5c354fdbceb85314bd6e9bee0b0da684642768e3b3bfb2dce838
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close