CVE-2013-1981

描述

Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.

受影響套件(2)

• Debian/libx11from 0, < 2:1.5.0-1+deb7u1
• Debian/libx11from 0, < 2:1.3.3-4+squeeze1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1981