Buffer Overflow Vulnerability in X.Org libXv Affects Multiple Distributions
CVE-2013-2066

Currently unrated

Key Information:

Vendor: X.org
Status: Libxv
Vendor: CVE Published:; 15 June 2013

What is CVE-2013-2066?

A buffer overflow vulnerability exists in X.Org's libXv version 1.0.7 and earlier, which may allow X servers to crash, potentially leading to denial of service and the execution of arbitrary code. The issue arises when crafted length or index values are sent to the XvQueryPortAttributes function, exposing systems to risks when handling X Window System client libraries. Users are advised to update to the latest versions to mitigate this vulnerability.

References

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://www.ubuntu.com/usn/USN-1867-1

vendor-advisoryx_refsource_UBUNTU

http://lists.opensuse.org/opensuse-updates/2013-06/msg001...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2013
Vulnerability Reserved
Feb 19, 2013

X.org

What is CVE-2013-2066?

References

Timeline