Denial of Service Vulnerability in X.Org X Window System Affects X11R6.1 and X.Org Server
CVE-2014-8097

Currently unrated

Key Information:

Vendor: X.org
Status: Xorg-server
Vendor: CVE Published:; 10 December 2014

What is CVE-2014-8097?

The DBE extension in the X.Org X Window System permits remote authenticated users to exploit vulnerabilities by providing crafted length or index values. This can lead to denial of service due to out-of-bounds read or write operations, potentially allowing the execution of arbitrary code through the ProcDbeSwapBuffers or SProcDbeSwapBuffers functions. It is crucial for organizations using affected versions to apply the latest updates to mitigate these risks.

References

http://www.debian.org/security/2014/dsa-3095

vendor-advisoryx_refsource_DEBIAN

http://www.x.org/wiki/Development/Security/Advisory-2014-...

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2014
Vulnerability Reserved
Oct 10, 2014

X.org

What is CVE-2014-8097?

References

Timeline