X.Org libXv CVE-2016-5407 Memory Corruption Vulnerability

libXv is prone to a memory-corruption vulnerability.

Attackers can exploit this issue to execute arbitrary code on the affected system. Failed exploit attempts may result in a denial-of-service condition.

libXv version 1.0.10 and prior are vulnerable.

Information

Bugtraq ID: 93368
Class: Boundary Condition Error
CVE: CVE-2016-5407

Remote: Yes
Local: No
Published: Oct 05 2016 12:00AM
Updated: Apr 13 2017 12:03AM
Credit: The vendor reported this issue.
Vulnerable: X.org libXv 1.0.10
X.org libXv 1.0.8
X.org libXv 1.0.7
X.org libXv 1.0.6
X.org libXv 1.0.5
X.org libXv 1.0.4
X.org libXv 1.0.3
X.org libXv 1.0.2
Gentoo Linux

Not Vulnerable:

References:

• Protocol handling issues in libXv - CVE-2016-5407 (freedesktop.org)
  
• Re: X.Org security advisory: Protocol handling issues in X Window System client (Seclists.org)
  
• X.Org Homepage (X.Org)
  

Source: www.securityfocus.com