rpm package
suse/libXv&distro=SUSE Linux Enterprise Desktop 12 SP1
pkg:rpm/suse/libXv&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1
Vulnerabilities (12)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7953 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string. | |
| CVE-2016-7952 | Hig | 7.5 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | |
| CVE-2016-7951 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks. | |
| CVE-2016-7950 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths. | |
| CVE-2016-7949 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields. | |
| CVE-2016-7948 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. | |
| CVE-2016-7947 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. | |
| CVE-2016-7946 | Hig | 7.5 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. | |
| CVE-2016-7945 | Hig | 7.5 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields. | |
| CVE-2016-7944 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync. | |
| CVE-2016-7942 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations. | |
| CVE-2016-5407 | Cri | 9.8 | < 1.0.10-5.2 | 1.0.10-5.2 | Dec 13, 2016 | The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data. |
- affected < 1.0.10-5.2fixed 1.0.10-5.2
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
- affected < 1.0.10-5.2fixed 1.0.10-5.2
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.