rpm package

suse/libX11&distro=SUSE Linux Enterprise Desktop 12 SP3

pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-14600	—	< 1.6.2-12.5.1	1.6.2-12.5.1	Aug 24, 2018	An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
CVE-2018-14599	—	< 1.6.2-12.5.1	1.6.2-12.5.1	Aug 24, 2018	An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
CVE-2018-14598	—	< 1.6.2-12.5.1	1.6.2-12.5.1	Aug 24, 2018	An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).

CVE-2018-14600Aug 24, 2018
affected < 1.6.2-12.5.1fixed 1.6.2-12.5.1
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
CVE-2018-14599Aug 24, 2018
affected < 1.6.2-12.5.1fixed 1.6.2-12.5.1
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
CVE-2018-14598Aug 24, 2018
affected < 1.6.2-12.5.1fixed 1.6.2-12.5.1
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).