CVE-2013-1994

DEB

Medium

Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocatio…

CVSS

4.3

Medium

EPSS

0.00

p61

Published

2013-01-01

Updated

2013-01-01

Description

Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.

Tags · CWE

CWE-189

CWE-190

CAPEC-92

Affected products

LibdrmLibpciaccessLibwacomMesaMesa-private-llvmPixmanXcb-utilXcb-util-imageXcb-util-keysymsXcb-util-wmXorg-x11-appsXorg-x11-drv-acecadXorg-x11-drv-aiptekXorg-x11-drv-apmXorg-x11-drv-astXorg-x11-drv-atiXorg-x11-drv-cirrusXorg-x11-drv-dummyXorg-x11-drv-elographicsXorg-x11-drv-evdev

CVSS vector

AV:A/AC:H/Au:N/C:P/I:P/A:P

Timeline

2013-01-01

Published

2013-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: A

Adjacent Network (A)

Attack Complexity

AC: H

High (H)

Authentication

Au: N

None (N)

Confidentiality Impact

C: P

Partial

Integrity Impact

I: P

Partial

Availability Impact

A: P

Partial

Exploit indicators

EPSS

0.004 · p61

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected software

Product	Vendor	Status
libdrm		Tracked
libpciaccess		Tracked
libwacom		Tracked
mesa		Tracked
mesa-private-llvm		Tracked
pixman		Tracked
xcb-util		Tracked
xcb-util-image		Tracked
xcb-util-keysyms		Tracked
xcb-util-wm		Tracked
xorg-x11-apps		Tracked
xorg-x11-drv-acecad		Tracked
xorg-x11-drv-aiptek		Tracked
xorg-x11-drv-apm		Tracked
xorg-x11-drv-ast		Tracked
xorg-x11-drv-ati		Tracked
xorg-x11-drv-cirrus		Tracked
xorg-x11-drv-dummy		Tracked
xorg-x11-drv-elographics		Tracked
xorg-x11-drv-evdev		Tracked

Source databases

DEB

CVE

RED

Related vulnerabilities