ID CVE-2013-2064
Summary Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
References
Vulnerable Configurations
  • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:secure_global_desktop:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:secure_global_desktop:5.2:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxcb:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxcb:1.9:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
non_vulnerable_configuration via4
    redhat via4
    rpms
    • libXcursor-0:1.1.14-2.1.el6
    • libXcursor-devel-0:1.1.14-2.1.el6
    • libXext-0:1.3.2-2.1.el6
    • libXext-devel-0:1.3.2-2.1.el6
    • libXfixes-0:5.0.1-2.1.el6
    • libXfixes-devel-0:5.0.1-2.1.el6
    • libXinerama-0:1.1.3-2.1.el6
    • libXinerama-devel-0:1.1.3-2.1.el6
    • libXp-0:1.0.2-2.1.el6
    • libXp-devel-0:1.0.2-2.1.el6
    • libXrandr-0:1.4.1-2.1.el6
    • libXrandr-devel-0:1.4.1-2.1.el6
    • libXrender-0:0.9.8-2.1.el6
    • libXrender-devel-0:0.9.8-2.1.el6
    • libXres-0:1.0.7-2.1.el6
    • libXres-devel-0:1.0.7-2.1.el6
    • libXt-0:1.1.4-6.1.el6
    • libXt-devel-0:1.1.4-6.1.el6
    • libXtst-0:1.2.2-2.1.el6
    • libXtst-devel-0:1.2.2-2.1.el6
    • libXv-0:1.0.9-2.1.el6
    • libXv-devel-0:1.0.9-2.1.el6
    • libXxf86dga-0:1.1.4-2.1.el6
    • libXxf86dga-devel-0:1.1.4-2.1.el6
    • libXvMC-0:1.0.8-2.1.el6
    • libXvMC-devel-0:1.0.8-2.1.el6
    • libdmx-0:1.1.3-3.el6
    • libdmx-devel-0:1.1.3-3.el6
    • libXxf86vm-0:1.1.3-2.1.el6
    • libXxf86vm-devel-0:1.1.3-2.1.el6
    • libX11-0:1.6.0-2.2.el6
    • libX11-common-0:1.6.0-2.2.el6
    • libX11-devel-0:1.6.0-2.2.el6
    • xorg-x11-proto-devel-0:7.7-9.el6
    • xorg-x11-xtrans-devel-0:1.3.4-1.el6
    • xcb-proto-0:1.8-3.el6
    • xkeyboard-config-0:2.11-1.el6
    • xkeyboard-config-devel-0:2.11-1.el6
    • libxcb-0:1.9.1-2.el6
    • libxcb-devel-0:1.9.1-2.el6
    • libxcb-doc-0:1.9.1-2.el6
    • libxcb-python-0:1.9.1-2.el6
    • libXi-0:1.7.2-2.2.el6
    • libXi-devel-0:1.7.2-2.2.el6
    refmap via4
    bid 60148
    confirm
    debian DSA-2686
    fedora FEDORA-2013-9070
    mlist [oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries
    suse openSUSE-SU-2013:1007
    ubuntu USN-1855-1
    vulnerable_product via4
    • cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:secure_global_desktop:5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.90.1:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.91:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.92:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.1.93:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:x:libxcb:1.9:*:*:*:*:*:*:*
    Last major update 30-10-2018 - 16:27
    Published 15-06-2013 - 19:55
    Back to Top