[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Heap-based buffer overflow vulnerability in X.org libXi via vectors related to an unexpected sign extension in the XListInputDevices function

ID: oval:org.secpod.oval:def:20994Date: (C)2014-09-02   (M)2023-07-28
Class: VULNERABILITYFamily: unix




The host is installed with libXi before 1.7.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle vectors related to an unexpected sign extension in the XListInputDevices function. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.

Platform:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product:
libXi
Reference:
CVE-2013-1995
CVE    1
CVE-2013-1995
CPE    12
cpe:/o:redhat:enterprise_linux:5
cpe:/a:x:libxi:1.5.99.2
cpe:/a:x:libxi:1.5.99.3
cpe:/o:redhat:enterprise_linux:6
...

© SecPod Technologies