X.Org libXfixes CVE-2016-7944 Integer Overflow Vulnerability

X.Org libXfixes is prone to a an integer overflow vulnerability.

An attacker can exploit this vulnerability to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions.

libXfixes versions 5.0.2 and prior are vulnerable.

Information

Bugtraq ID: 93361
Class: Boundary Condition Error
CVE: CVE-2016-7944

Remote: Yes
Local: No
Published: Oct 04 2016 12:00AM
Updated: Apr 13 2017 12:03AM
Credit: Stoeckmann
Vulnerable: X.org libXfixes 5.0.1
X.org libXfixes 4.0.5
X.org libXfixes 5.0.2
X.org libXfixes 5.0
X.org libXfixes 4.0.4
X.org libXfixes 4.0.3
X.org libXfixes 4.0.2
X.org libXfixes 4.0.1
Gentoo Linux

Not Vulnerable:

References:

• Re: X.Org security advisory: Protocol handling issues in X Window System client (Seclists.org)
  
• X.Org Homepage (X.Org)
  
• Integer overflow on illegal server response (freedesktop)
  

Source: www.securityfocus.com