X.Org libXt CVE-2013-2005 Multiple Memory Corruption Vulnerabilities



The 'libXt' library is prone to multiple memory-corruption vulnerabilities because it fails to adequately bounds-check user-supplied data.

Attackers can exploit this issue to execute arbitrary code within the context of the user running the X client. Failed exploit attempts will likely cause denial-of-service conditions.

Versions prior to libXt 1.1.4 are vulnerable.

Information

Bugtraq ID: 60133
Class: Unknown
CVE: CVE-2013-2005

Remote: Yes
Local: No
Published: May 23 2013 12:00AM
Updated: Apr 23 2017 12:05AM
Credit: Ilja van Sprundel of IOActive
Vulnerable: X.org libXt 1.1.3
Ubuntu Ubuntu Linux 13.04
Ubuntu Ubuntu Linux 12.10
Ubuntu Ubuntu Linux 12.04
Ubuntu Ubuntu Linux 10.04 LTS
Sun Solaris 8
Sun Solaris 10_x86
Sun Solaris 10_sparc
S.u.S.E. openSUSE 12.3
S.u.S.E. openSUSE 12.2
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Oracle Solaris 9
Oracle Solaris 11.1
Oracle Solaris 10
Oracle Secure Global Desktop 4.71
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64


Not Vulnerable: X.org libXt 1.1.4
Oracle Solaris 11.1.8.4.0



Related Posts

Comments