ID CVE-2013-1994
Summary Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.
References
Vulnerable Configurations
  • x.org libchromeXvMC
    cpe:2.3:a:x:libchromexvmc
  • x.org libchromeXvMC
    cpe:2.3:a:x:libchromexvmcpro
  • openChrome 0.3.2
    cpe:2.3:a:openchrome:openchrome:0.3.2
CVSS
Base: 6.8 (as of 17-06-2013 - 12:22)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-8991.NASL
    description - Fix integer overflow in libchromeXvMC (CVE-2013-1994). - Various bug fixes and improvements. Update to latest upstream release. For details, see http://cgit.freedesktop.org/openchrome/xf86-video-open chrome/tree/NEWS?id=release_0_3_3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 66728
    published 2013-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66728
    title Fedora 19 : xorg-x11-drv-openchrome-0.3.3-1.fc19 (2013-8991)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-9138.NASL
    description - Fix integer overflow in libchromeXvMC (CVE-2013-1994). - Various bug fixes and improvements. Update to latest upstream release. For details, see http://cgit.freedesktop.org/openchrome/xf86-video-open chrome/tree/NEWS?id=release_0_3_3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 66733
    published 2013-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66733
    title Fedora 17 : xorg-x11-drv-openchrome-0.3.3-1.fc17 (2013-9138)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-9114.NASL
    description - Fix integer overflow in libchromeXvMC (CVE-2013-1994). - Various bug fixes and improvements. Update to latest upstream release. For details, see http://cgit.freedesktop.org/openchrome/xf86-video-open chrome/tree/NEWS?id=release_0_3_3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 66730
    published 2013-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66730
    title Fedora 18 : xorg-x11-drv-openchrome-0.3.3-1.fc18 (2013-9114)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2679.NASL
    description Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 66563
    published 2013-05-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66563
    title Debian DSA-2679-1 : xserver-xorg-video-openchrome - several vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1871-1.NASL
    description Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 66858
    published 2013-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66858
    title Ubuntu 12.04 LTS / 12.10 / 13.04 : xserver-xorg-video-openchrome, xserver-xorg-video-openchrome-lts-quantal vulnerability (USN-1871-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201405-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-201405-07 (X.Org X Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 74028
    published 2014-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74028
    title GLSA-201405-07 : X.Org X Server: Multiple vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_2EEBEBFFCD3B11E28F09001B38C3836C.NASL
    description freedesktop.org reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most of these issues stem from the client libraries trusting the server to send correct protocol data, and not verifying that the values will not overflow or cause other damage. Most of the time X clients & servers are run by the same user, with the server more privileged from the clients, so this is not a problem, but there are scenarios in which a privileged client can be connected to an unprivileged server, for instance, connecting a setuid X client (such as a screen lock program) to a virtual X server (such as Xvfb or Xephyr) which the user has modified to return invalid data, potentially allowing the user to escalate their privileges. The vulnerabilities include : Integer overflows calculating memory needs for replies. Sign extension issues calculating memory needs for replies. Buffer overflows due to not validating length or offset values in replies. Integer overflows parsing user-specified files. Unbounded recursion parsing user-specified files. Memory corruption due to unchecked return values.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 66798
    published 2013-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66798
    title FreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c)
refmap via4
confirm http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
debian DSA-2679
mlist [oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries
ubuntu USN-1871-1
Last major update 20-06-2013 - 23:17
Published 15-06-2013 - 15:55
Back to Top