Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8092

Опубликовано: 09 дек. 2014
Источник: redhat
CVSS2: 7.4
EPSS Низкий

Описание

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges.

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-190->CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1168684xorg-x11-server: integer overflow in X11 core protocol requests when calculating memory needs for requests

EPSS

Процентиль: 79%
0.01293
Низкий

7.4 High

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8092

ubuntu
больше 10 лет назад

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

nvd логотип

CVE-2014-8092

nvd
больше 10 лет назад

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

debian логотип

CVE-2014-8092

debian
больше 10 лет назад

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11 ...

github логотип

GHSA-5xcf-4m43-c4p9

github
больше 3 лет назад

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

suse-cvrf логотип

SUSE-SU-2015:1127-1

suse-cvrf
около 10 лет назад

Security update for xorg-x11-server

EPSS

Процентиль: 79%
0.01293
Низкий

7.4 High

CVSS2