[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Multiple integer overflow vulnerabilities in X.org libXi due to protocol handling issues

ID: oval:org.secpod.oval:def:20992Date: (C)2014-09-02   (M)2023-07-28
Class: VULNERABILITYFamily: unix




The host is installed with libXi before 1.7.2 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to properly handle vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.

Platform:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product:
libXi
Reference:
CVE-2013-1984
CVE    1
CVE-2013-1984
CPE    12
cpe:/o:redhat:enterprise_linux:5
cpe:/a:x:libxi:1.5.99.2
cpe:/a:x:libxi:1.5.99.3
cpe:/o:redhat:enterprise_linux:6
...

© SecPod Technologies