CVE-2013-1983

Public on 2013-06-15
Modified on 2014-11-24
Description
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
Severity
Medium severity
Medium
CVSS v3 Base Score
4.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 libX11 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXcursor 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXfixes 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXi 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXrandr 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXrender 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXres 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXt 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXv 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXvMC 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXxf86dga 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libXxf86vm 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 libdmx 2014-11-22 ALAS-2014-452 Fixed
Amazon Linux 1 xorg-x11-proto-devel 2014-11-22 ALAS-2014-452 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 4.3 AV:A/AC:H/Au:N/C:P/I:P/A:P
NVD CVSSv2 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P