Buffer overflow in xcmsdb - CVE-2013-2005

 


Published: June 15, 2013 / Updated: July 28, 2020


Vulnerability identifier: #VU32668
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2013-2005
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: xorg.freedesktop.org
Affected software: xcmsdb

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.


How to mitigate CVE-2013-2005

Install the update from the vendor's website.
