Multiple integer overflow vulnerabilities in X.org libXvID: oval:org.secpod.oval:def:20974 | Date: (C)2014-09-02 (M)2023-07-28 |
Class: VULNERABILITY | Family: unix |
The host is installed with libXv before 1.0.8 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.
Platform: |
Red Hat Enterprise Linux 5 |
Red Hat Enterprise Linux 6 |