X.Org libXrandr CVE-2016-7947 Multiple Integer Overflow Vulnerabilities

X.Org libXrandr is prone to multiple integer-overflow vulnerabilities.

An attacker can exploit these issues to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions.

Information

Bugtraq ID: 93365
Class: Boundary Condition Error
CVE: CVE-2016-7947

Remote: Yes
Local: No
Published: Oct 04 2016 12:00AM
Updated: Apr 13 2017 12:03AM
Credit: Tobias Stoeckmann
Vulnerable: X.org libXrandr 1.5
X.org libXrandr 1.4.1
X.org libXrandr 1.4
X.org libXrandr 1.3.2
X.org libXrandr 1.3
X.org libXrandr 1.2.3
X.org libXrandr 1.3.1
X.org libXrandr 1.2.99.4
X.org libXrandr 1.2.99.3
X.org libXrandr 1.2.99.2
X.org libXrandr 1.2.99.1
Gentoo Linux

Not Vulnerable:

References:

• Avoid out of boundary accesses on illegal responses (X.org)
  
• Re: X.Org security advisory: Protocol handling issues in X Window System client (Seclists.org)
  
• X.Org Home Page (X.Org)
  

Source: www.securityfocus.com