ID CVE-2013-7439
Summary Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
References
Vulnerable Configurations
  • X.Org libX11 1.5.99.902
    cpe:2.3:a:x.org:libx11:1.5.99.902
  • x.org libX11 1.5.99.901
    cpe:2.3:a:x.org:libx11:1.5.99.901
  • x.org libX11 1.5.0
    cpe:2.3:a:x.org:libx11:1.5.0
  • X.Org libX11 1.4.99.902
    cpe:2.3:a:x.org:libx11:1.4.99.902
  • X.Org libX11 1.4.99.901
    cpe:2.3:a:x.org:libx11:1.4.99.901
  • X.Org libX11 1.4.4
    cpe:2.3:a:x.org:libx11:1.4.4
  • X.Org libX11 1.4.3
    cpe:2.3:a:x.org:libx11:1.4.3
  • X.Org libX11 1.4.2
    cpe:2.3:a:x.org:libx11:1.4.2
  • X.Org libX11 1.4.1
    cpe:2.3:a:x.org:libx11:1.4.1
  • X.Org libX11 1.4.0
    cpe:2.3:a:x.org:libx11:1.4.0
  • X.Org libX11 1.3.99.903
    cpe:2.3:a:x.org:libx11:1.3.99.903
  • X.Org libX11 1.3.99.902
    cpe:2.3:a:x.org:libx11:1.3.99.902
  • X.Org libX11 1.3.99.901
    cpe:2.3:a:x.org:libx11:1.3.99.901
  • X.Org libX11 1.3.6
    cpe:2.3:a:x.org:libx11:1.3.6
  • X.Org libX11 1.3.5
    cpe:2.3:a:x.org:libx11:1.3.5
  • X.Org libX11 1.3.4
    cpe:2.3:a:x.org:libx11:1.3.4
  • X.Org libX11 1.3.3
    cpe:2.3:a:x.org:libx11:1.3.3
  • X.Org libX11 1.3.2
    cpe:2.3:a:x.org:libx11:1.3.2
  • X.Org libX11 1.3.1
    cpe:2.3:a:x.org:libx11:1.3.1
  • X.Org libX11 1.3
    cpe:2.3:a:x.org:libx11:1.3
  • X.Org libX11 1.2.2
    cpe:2.3:a:x.org:libx11:1.2.2
  • X.Org libX11 1.2.1
    cpe:2.3:a:x.org:libx11:1.2.1
  • X.Org libX11 1.2
    cpe:2.3:a:x.org:libx11:1.2
  • X.Org libX11 1.1.6
    cpe:2.3:a:x.org:libx11:1.1.6
  • X.Org libX11 1.1.5
    cpe:2.3:a:x.org:libx11:1.1.5
  • X.Org libX11 1.1.4
    cpe:2.3:a:x.org:libx11:1.1.4
  • x.org libX11 1.1 -
    cpe:2.3:a:x.org:libx11:1.1
  • X.Org libX11 1.1.99.2
    cpe:2.3:a:x.org:libx11:1.1.99.2
  • X.Org libX11 1.1.99.1
    cpe:2.3:a:x.org:libx11:1.1.99.1
  • X.Org libX11 1.1 release candidate 2
    cpe:2.3:a:x.org:libx11:1.1:rc2
  • X.Org libX11 1.1 release candidate 1
    cpe:2.3:a:x.org:libx11:1.1:rc1
  • X.Org libX11 1.0.1
    cpe:2.3:a:x.org:libx11:1.0.1
  • x.org libX11 1.0.2
    cpe:2.3:a:x.org:libx11:1.0.2
  • x.org libX11 1.0.3
    cpe:2.3:a:x.org:libx11:1.0.3
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.10
    cpe:2.3:o:canonical:ubuntu_linux:14.10
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • X.Org X11R6.0
    cpe:2.3:a:x.org:x11:6.0
  • X.Org X11R6.1
    cpe:2.3:a:x.org:x11:6.1
  • X.Org X11 6.3
    cpe:2.3:a:x.org:x11:6.3
  • X.Org X11 6.4
    cpe:2.3:a:x.org:x11:6.4
  • X.Org X11 6.5.1
    cpe:2.3:a:x.org:x11:6.5.1
  • X.Org X11 6.6
    cpe:2.3:a:x.org:x11:6.6
  • X.Org X11R6.7
    cpe:2.3:a:x.org:x11:6.7
  • X.Org X11 6.8.0
    cpe:2.3:a:x.org:x11:6.8.0
  • X.Org X11 6.8.1
    cpe:2.3:a:x.org:x11:6.8.1
  • X.Org X11 6.8.2
    cpe:2.3:a:x.org:x11:6.8.2
  • X.Org X11 6.9
    cpe:2.3:a:x.org:x11:6.9
CVSS
Base: 7.5 (as of 23-08-2016 - 10:52)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2568-1.NASL
    description Abhishek Arya discovered that libX11 incorrectly handled memory in the MakeBigReq macro. A remote attacker could use this issue to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. In addition, following the macro fix in libx11, a number of other packages have also been rebuilt as security updates including libxrender, libxext, libxi, libxfixes, libxrandr, libsdl1.2, libxv, libxp, and xserver-xorg-video-vmware. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 82766
    published 2015-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82766
    title Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : libx11, libxrender vulnerability (USN-2568-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-199.NASL
    description Abhishek Arya discovered a buffer overflow in the MakeBigReq macro provided by libx11, which could result in denial of service or the execution of arbitrary code. Several other xorg packages (e.g. libxrender) will be recompiled against the fixed package after the release of this update. For detailed information on the status of recompiled packages please refer to the Debian Security Tracker at https://security-tracker.debian.org/tracker/CVE-2013-7439 For the oldstable distribution (squeeze), this problem has been fixed in version 2:1.3.3-4+squeeze2. For the stable distribution (wheezy), this problem has been fixed in version 2:1.5.0-1+deb7u2. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 82785
    published 2015-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82785
    title Debian DLA-199-1 : libx11 security update
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3224.NASL
    description Abhishek Arya discovered a buffer overflow in the MakeBigReq macro provided by libx11, which could result in denial of service or the execution of arbitrary code. Several other xorg packages (e.g. libxrender) will be recompiled against the fixed package after the release of this update. For detailed information on the status of recompiled packages please refer to the Debian Security Tracker at https://security-tracker.debian.org/tracker/CVE-2013-7439.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 82746
    published 2015-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82746
    title Debian DSA-3224-1 : libx11 - security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-1334-1.NASL
    description xorg-x11-libX11 was updated to fix one security issue. This security issue was fixed : - CVE-2013-7439: Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allowed remote attackers to have unspecified impact via a crafted request, which triggered a buffer overflow (bsc#927220). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 85215
    published 2015-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85215
    title SUSE SLED11 / SLES11 Security Update : xorg-x11-libX11 (SUSE-SU-2015:1334-1)
redhat via4
advisories
bugzilla
id 1119322
title %{dist} found instead of %{?dist} in: libXi-1.7.2-2.1.el6.src.rpm.spec
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment libXcursor is earlier than 0:1.1.14-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436005
      • comment libXcursor is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436006
    • AND
      • comment libXcursor-devel is earlier than 0:1.1.14-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436007
      • comment libXcursor-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436008
    • AND
      • comment libXext is earlier than 0:1.3.2-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436009
      • comment libXext is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436010
    • AND
      • comment libXext-devel is earlier than 0:1.3.2-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436011
      • comment libXext-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436012
    • AND
      • comment libXfixes is earlier than 0:5.0.1-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436013
      • comment libXfixes is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436014
    • AND
      • comment libXfixes-devel is earlier than 0:5.0.1-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436015
      • comment libXfixes-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436016
    • AND
      • comment libXinerama is earlier than 0:1.1.3-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436017
      • comment libXinerama is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436018
    • AND
      • comment libXinerama-devel is earlier than 0:1.1.3-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436019
      • comment libXinerama-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436020
    • AND
      • comment libXp is earlier than 0:1.0.2-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436021
      • comment libXp is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436022
    • AND
      • comment libXp-devel is earlier than 0:1.0.2-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436023
      • comment libXp-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436024
    • AND
      • comment libXrandr is earlier than 0:1.4.1-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436025
      • comment libXrandr is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436026
    • AND
      • comment libXrandr-devel is earlier than 0:1.4.1-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436027
      • comment libXrandr-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436028
    • AND
      • comment libXrender is earlier than 0:0.9.8-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436029
      • comment libXrender is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436030
    • AND
      • comment libXrender-devel is earlier than 0:0.9.8-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436031
      • comment libXrender-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436032
    • AND
      • comment libXres is earlier than 0:1.0.7-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436033
      • comment libXres is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436034
    • AND
      • comment libXres-devel is earlier than 0:1.0.7-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436035
      • comment libXres-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436036
    • AND
      • comment libXt is earlier than 0:1.1.4-6.1.el6
        oval oval:com.redhat.rhsa:tst:20141436037
      • comment libXt is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436038
    • AND
      • comment libXt-devel is earlier than 0:1.1.4-6.1.el6
        oval oval:com.redhat.rhsa:tst:20141436039
      • comment libXt-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436040
    • AND
      • comment libXtst is earlier than 0:1.2.2-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436041
      • comment libXtst is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436042
    • AND
      • comment libXtst-devel is earlier than 0:1.2.2-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436043
      • comment libXtst-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436044
    • AND
      • comment libXv is earlier than 0:1.0.9-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436045
      • comment libXv is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436046
    • AND
      • comment libXv-devel is earlier than 0:1.0.9-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436047
      • comment libXv-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436048
    • AND
      • comment libXxf86dga is earlier than 0:1.1.4-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436049
      • comment libXxf86dga is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436050
    • AND
      • comment libXxf86dga-devel is earlier than 0:1.1.4-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436051
      • comment libXxf86dga-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436052
    • AND
      • comment libXvMC is earlier than 0:1.0.8-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436053
      • comment libXvMC is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436054
    • AND
      • comment libXvMC-devel is earlier than 0:1.0.8-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436055
      • comment libXvMC-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436056
    • AND
      • comment libdmx is earlier than 0:1.1.3-3.el6
        oval oval:com.redhat.rhsa:tst:20141436057
      • comment libdmx is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436058
    • AND
      • comment libdmx-devel is earlier than 0:1.1.3-3.el6
        oval oval:com.redhat.rhsa:tst:20141436059
      • comment libdmx-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436060
    • AND
      • comment libXxf86vm is earlier than 0:1.1.3-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436061
      • comment libXxf86vm is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436062
    • AND
      • comment libXxf86vm-devel is earlier than 0:1.1.3-2.1.el6
        oval oval:com.redhat.rhsa:tst:20141436063
      • comment libXxf86vm-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436064
    • AND
      • comment libX11 is earlier than 0:1.6.0-2.2.el6
        oval oval:com.redhat.rhsa:tst:20141436065
      • comment libX11 is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436066
    • AND
      • comment libX11-common is earlier than 0:1.6.0-2.2.el6
        oval oval:com.redhat.rhsa:tst:20141436067
      • comment libX11-common is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436068
    • AND
      • comment libX11-devel is earlier than 0:1.6.0-2.2.el6
        oval oval:com.redhat.rhsa:tst:20141436069
      • comment libX11-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436070
    • AND
      • comment xorg-x11-proto-devel is earlier than 0:7.7-9.el6
        oval oval:com.redhat.rhsa:tst:20141436071
      • comment xorg-x11-proto-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436072
    • AND
      • comment xorg-x11-xtrans-devel is earlier than 0:1.3.4-1.el6
        oval oval:com.redhat.rhsa:tst:20141436073
      • comment xorg-x11-xtrans-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436074
    • AND
      • comment xcb-proto is earlier than 0:1.8-3.el6
        oval oval:com.redhat.rhsa:tst:20141436075
      • comment xcb-proto is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436076
    • AND
      • comment xkeyboard-config is earlier than 0:2.11-1.el6
        oval oval:com.redhat.rhsa:tst:20141436077
      • comment xkeyboard-config is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436078
    • AND
      • comment xkeyboard-config-devel is earlier than 0:2.11-1.el6
        oval oval:com.redhat.rhsa:tst:20141436079
      • comment xkeyboard-config-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436080
    • AND
      • comment libxcb is earlier than 0:1.9.1-2.el6
        oval oval:com.redhat.rhsa:tst:20141436081
      • comment libxcb is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436082
    • AND
      • comment libxcb-devel is earlier than 0:1.9.1-2.el6
        oval oval:com.redhat.rhsa:tst:20141436087
      • comment libxcb-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436088
    • AND
      • comment libxcb-doc is earlier than 0:1.9.1-2.el6
        oval oval:com.redhat.rhsa:tst:20141436083
      • comment libxcb-doc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436084
    • AND
      • comment libxcb-python is earlier than 0:1.9.1-2.el6
        oval oval:com.redhat.rhsa:tst:20141436085
      • comment libxcb-python is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436086
    • AND
      • comment libXi is earlier than 0:1.7.2-2.2.el6
        oval oval:com.redhat.rhsa:tst:20141436089
      • comment libXi is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436090
    • AND
      • comment libXi-devel is earlier than 0:1.7.2-2.2.el6
        oval oval:com.redhat.rhsa:tst:20141436091
      • comment libXi-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141436092
rhsa
id RHSA-2014:1436
released 2014-10-14
severity Moderate
title RHSA-2014:1436: X11 client libraries security, bug fix, and enhancement update (Moderate)
rpms
  • libXcursor-0:1.1.14-2.1.el6
  • libXcursor-devel-0:1.1.14-2.1.el6
  • libXext-0:1.3.2-2.1.el6
  • libXext-devel-0:1.3.2-2.1.el6
  • libXfixes-0:5.0.1-2.1.el6
  • libXfixes-devel-0:5.0.1-2.1.el6
  • libXinerama-0:1.1.3-2.1.el6
  • libXinerama-devel-0:1.1.3-2.1.el6
  • libXp-0:1.0.2-2.1.el6
  • libXp-devel-0:1.0.2-2.1.el6
  • libXrandr-0:1.4.1-2.1.el6
  • libXrandr-devel-0:1.4.1-2.1.el6
  • libXrender-0:0.9.8-2.1.el6
  • libXrender-devel-0:0.9.8-2.1.el6
  • libXres-0:1.0.7-2.1.el6
  • libXres-devel-0:1.0.7-2.1.el6
  • libXt-0:1.1.4-6.1.el6
  • libXt-devel-0:1.1.4-6.1.el6
  • libXtst-0:1.2.2-2.1.el6
  • libXtst-devel-0:1.2.2-2.1.el6
  • libXv-0:1.0.9-2.1.el6
  • libXv-devel-0:1.0.9-2.1.el6
  • libXxf86dga-0:1.1.4-2.1.el6
  • libXxf86dga-devel-0:1.1.4-2.1.el6
  • libXvMC-0:1.0.8-2.1.el6
  • libXvMC-devel-0:1.0.8-2.1.el6
  • libdmx-0:1.1.3-3.el6
  • libdmx-devel-0:1.1.3-3.el6
  • libXxf86vm-0:1.1.3-2.1.el6
  • libXxf86vm-devel-0:1.1.3-2.1.el6
  • libX11-0:1.6.0-2.2.el6
  • libX11-common-0:1.6.0-2.2.el6
  • libX11-devel-0:1.6.0-2.2.el6
  • xorg-x11-proto-devel-0:7.7-9.el6
  • xorg-x11-xtrans-devel-0:1.3.4-1.el6
  • xcb-proto-0:1.8-3.el6
  • xkeyboard-config-0:2.11-1.el6
  • xkeyboard-config-devel-0:2.11-1.el6
  • libxcb-0:1.9.1-2.el6
  • libxcb-devel-0:1.9.1-2.el6
  • libxcb-doc-0:1.9.1-2.el6
  • libxcb-python-0:1.9.1-2.el6
  • libXi-0:1.7.2-2.2.el6
  • libXi-devel-0:1.7.2-2.2.el6
refmap via4
bid 73962
confirm
debian DSA-3224
mlist
  • [oss-security] 20150409 Re: CVE Request: libX11: buffer overflow in MakeBigReq macro
  • [xorg-announce] 20150414 [ANNOUNCE] X.Org Security Advisory: Buffer overflow in MakeBigReq macro
ubuntu USN-2568-1
Last major update 17-10-2016 - 23:43
Published 16-04-2015 - 10:59
Back to Top