Multiple integer overflow vulnerability in libXext due to protocol handling issuesID: oval:org.secpod.oval:def:20968 | Date: (C)2014-09-02 (M)2023-07-28 |
Class: VULNERABILITY | Family: unix |
The host is installed with libXext before 1.3.2 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.
Platform: |
Red Hat Enterprise Linux 5 |
Red Hat Enterprise Linux 6 |