Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-14362

Опубликовано: 15 сент. 2020
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*
Версия до 1.20.9 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 29%
0.00103
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-191
CWE-191

Связанные уязвимости

ubuntu логотип

CVE-2020-14362

CVSS3: 7.8
ubuntu
почти 5 лет назад

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

redhat логотип

CVE-2020-14362

CVSS3: 7.8
redhat
почти 5 лет назад

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

debian логотип

CVE-2020-14362

CVSS3: 7.8
debian
почти 5 лет назад

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Int ...

github логотип

GHSA-wfwj-6wvw-xhcw

CVSS3: 7.8
github
около 3 лет назад

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

fstec логотип

BDU:2021-00126

CVSS3: 5.9
fstec
почти 5 лет назад

Уязвимость функции SProcRecordQueryVersion сервера X Window System Xorg-server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 29%
0.00103
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-191
CWE-191