Denial of Service Vulnerability in X.Org X Window System
CVE-2014-8102

Currently unrated

Key Information:

Vendor: X.org
Status: Xorg-server
Vendor: CVE Published:; 10 December 2014

What is CVE-2014-8102?

The vulnerability in the SProcXFixesSelectSelectionInput function of the XFixes extension in the X.Org X Window System allows remote authenticated users to exploit crafted length values, potentially resulting in denial of service or arbitrary code execution on affected systems. This has been observed in versions before 1.16.3 of the X.Org Server, highlighting the importance of timely updates and patching.

References

http://www.debian.org/security/2014/dsa-3095

vendor-advisoryx_refsource_DEBIAN

http://www.x.org/wiki/Development/Security/Advisory-2014-...

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2014
Vulnerability Reserved
Oct 10, 2014

X.org

What is CVE-2014-8102?

References

Timeline