Unrated severityNVD Advisory· Published Jun 15, 2013· Updated Apr 29, 2026
CVE-2013-1998
CVE-2013-1998
Description
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
Affected products
9cpe:2.3:a:x.org:libxi:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:x.org:libxi:*:*:*:*:*:*:*:*range: <=1.7.1
- cpe:2.3:a:x.org:libxi:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.5.99.2:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.5.99.3:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.6.99.1:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libxi:1.7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- www.x.org/wiki/Development/Security/Advisory-2013-05-23nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-06/msg00161.htmlnvd
- www.debian.org/security/2013/dsa-2683nvd
- www.openwall.com/lists/oss-security/2013/05/23/3nvd
- www.securityfocus.com/bid/60127nvd
- www.ubuntu.com/usn/USN-1859-1nvd
News mentions
0No linked articles in our index yet.