PublicDateAtUSN: 2013-05-23 15:00:00 UTC
Candidate: CVE-2013-1999
CRD: 2013-05-23 15:00:00 UTC
PublicDate: 2013-06-15 20:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999
 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
 http://www.debian.org/security/2013/dsa-2675
 https://ubuntu.com/security/notices/USN-1868-1
Description:
 Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to
 cause a denial of service (crash) and possibly execute arbitrary code via
 crafted length or index values to the XvMCGetDRInfo function.
Ubuntu-Description: 
Notes: 
 mdeslaur> watch for regression fixed in dsa-2675-2
Bugs: 
Priority: medium
Discovered-by: Ilja van Sprundel
Assigned-to: mdeslaur
CVSS: 

Patches_libxvmc:
 upstream: http://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=e9415ddef2ac81d4139bd32d5e9cda9394a60051 (1/1)
 upstream: http://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=8c164524d229adb6141fdac8336b3823e7fe1a5d (regression?)
upstream_libxvmc: pending (1.0.8)
lucid_libxvmc: ignored (reached end-of-life)
precise_libxvmc: released (2:1.0.6-1ubuntu2.1)
quantal_libxvmc: released (2:1.0.7-1ubuntu1.12.10.1)
raring_libxvmc: released (2:1.0.7-1ubuntu1.13.04.1)
devel_libxvmc: released (2:1.0.7-1ubuntu2)