CVE-2013-2004
Published: 23 May 2013
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
Priority
Status
Package | Release | Status |
---|---|---|
libx11 Launchpad, Ubuntu, Debian |
upstream |
Pending
(1.5.99.902)
|
lucid |
Released
(2:1.3.2-1ubuntu3.1)
|
|
precise |
Released
(2:1.4.99.1-0ubuntu2.1)
|
|
quantal |
Released
(2:1.5.0-1ubuntu0.1)
|
|
raring |
Released
(2:1.5.0-1ubuntu1.1)
|
|
Patches: upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=236b603d235dc264d1c6250dca09c745458a9088 (1/2) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=226622349a4b1e16064649d4444a34fb4be4f464 (2/2) |