rpm package
suse/xorg-x11-libX11&distro=SUSE Linux Enterprise Server 11 SP3-LTSS
pkg:rpm/suse/xorg-x11-libX11&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-14600 | — | < 7.4-5.11.72.9.1 | 7.4-5.11.72.9.1 | Aug 24, 2018 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution. | ||
| CVE-2018-14599 | — | < 7.4-5.11.72.9.1 | 7.4-5.11.72.9.1 | Aug 24, 2018 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||
| CVE-2018-14598 | — | < 7.4-5.11.72.9.1 | 7.4-5.11.72.9.1 | Aug 24, 2018 | An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). |
- CVE-2018-14600Aug 24, 2018affected < 7.4-5.11.72.9.1fixed 7.4-5.11.72.9.1
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
- CVE-2018-14599Aug 24, 2018affected < 7.4-5.11.72.9.1fixed 7.4-5.11.72.9.1
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
- CVE-2018-14598Aug 24, 2018affected < 7.4-5.11.72.9.1fixed 7.4-5.11.72.9.1
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).