rpm package
suse/xorg-x11-libX11&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA
pkg:rpm/suse/xorg-x11-libX11&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-14600 | — | < 7.4-5.11.72.9.1 | 7.4-5.11.72.9.1 | Aug 24, 2018 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution. | ||
| CVE-2018-14599 | — | < 7.4-5.11.72.9.1 | 7.4-5.11.72.9.1 | Aug 24, 2018 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||
| CVE-2018-14598 | — | < 7.4-5.11.72.9.1 | 7.4-5.11.72.9.1 | Aug 24, 2018 | An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). | ||
| CVE-2013-7439 | — | < 7.4-5.11.15.1 | 7.4-5.11.15.1 | Apr 16, 2015 | Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. |
- CVE-2018-14600Aug 24, 2018affected < 7.4-5.11.72.9.1fixed 7.4-5.11.72.9.1
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
- CVE-2018-14599Aug 24, 2018affected < 7.4-5.11.72.9.1fixed 7.4-5.11.72.9.1
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
- CVE-2018-14598Aug 24, 2018affected < 7.4-5.11.72.9.1fixed 7.4-5.11.72.9.1
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
- CVE-2013-7439Apr 16, 2015affected < 7.4-5.11.15.1fixed 7.4-5.11.15.1
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.