CVE-2013-1998

Description

Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.

Affected packages (1)

• Debian/libxifrom 0, < 2:1.6.1-1+deb7u1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1998