CVE-2012-2118

Name of the Vulnerable Software and Affected Versions X.Org X11 version 1.11 xorg-server versions prior to 1.11.4-r1

Description The issue is related to a format string vulnerability in the LogVHdrMessageVerb function. This vulnerability can be exploited to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name. The vulnerability can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information.

Recommendations For X.Org X11 version 1.11, update to a version newer than 1.11.4-r1 to resolve the issue. For xorg-server versions prior to 1.11.4-r1, update to version 1.11.4-r1 or newer to fix the vulnerability.