CVE-2013-1984

EPSS 0.90%

libxi - several

Published: 6/15/2013Modified: 4/28/2026

Description

Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.

Affected packages (2)

Debian/libxifrom 0, < 2:1.6.1-1+deb7u1
Debian/libxifrom 0, < 2:1.3-8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1984