CVE-2013-2005

Published Jun 15, 2013

Last updated 8 years ago

Overview

Description: X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:x:libxt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "167A9E09-5820-45B0-AC6E-CA5E190AA6FD",
            "versionEndIncluding": "1.1.3"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "164508A7-BF5D-4BD3-8510-0CE41BC2F6D4"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52AAC08F-BC66-4871-AD15-A38B4AA8378E"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4076D17-8668-4AE0-8B14-BD384C7BDBBD"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E93D94B-BCB9-4A71-B579-B30ABA643841"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EA16A44-7534-4025-94E8-049B84A01FE0"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46BE2A14-7744-4270-B10F-1C3F72B24F79"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51A9700D-B407-41EC-8CAD-E78CD00C047E"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C18DFCD4-C01D-468F-ABF7-ABA17B2717DD"
          },
          {
            "criteria": "cpe:2.3:a:x:libxt:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "530D4ACE-11DA-43DE-9B7F-D27FCF3CF176"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References