Heap-based buffer overflow vulnerability in X.org libXi via vectors related to an unexpected sign extension in the XListInputDevices function
|ID: oval:org.secpod.oval:def:20994||Date: (C)2014-09-02 (M)2017-04-25|
|Class: VULNERABILITY||Family: unix|
The host is installed with libXi before 1.7.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle vectors related to an unexpected sign extension in the XListInputDevices function. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.
|Red Hat Enterprise Linux 5|
|Red Hat Enterprise Linux 6|