CVE-2013-1056 - X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of ser

CVE-2013-1056

Summary

X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.

References

http://www.ubuntu.com/usn/USN-1990-1

Vulnerable Configurations

cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*

CVSS

Base:	1.9 (as of 29-10-2013 - 14:18)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:N/C:N/I:N/A:P

refmap via4

ubuntu

USN-1990-1

Last major update

29-10-2013 - 14:18

Published

28-10-2013 - 21:55

Last modified

29-10-2013 - 14:18