CVE-2013-1995

Published Jun 15, 2013

Last updated 4 years ago

CVSS info 6.8

Overview

Description: X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:x.org:libxi:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90DF85F5-D8B6-4396-A139-BE30C590B520",
            "versionEndIncluding": "1.7.1"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B5AAB71-FFD1-482B-87A3-941B8B4BBA5A"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.5.99.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCD677F0-0F98-4550-80C9-E75A5CFD6F20"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.5.99.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E3D1B68-BFA2-4173-8843-7F3D29639973"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3462CFC7-89CB-4867-8DE9-8370A8438497"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACB8D098-C28D-404B-B315-3DBE36BB1F30"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "596A9E3D-01C4-439A-A96C-8D1E5378CCDA"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.6.99.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "134F8DCD-E77B-4828-BBE4-9B4AAF5AECB2"
          },
          {
            "criteria": "cpe:2.3:a:x.org:libxi:1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E66B05D-F164-4D6C-9CCD-28EC8D3256BD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References