PT-2012-3456 · X.Org · X.Org X11R6

Vincent Danen · Published 2012-12-21 · Updated 2017-09-19 · CVE-2012-1699

CVSS v2.0: 3.6 (Low)

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions

X.Org X11R6 versions through X11R6.6
XFree86 versions prior to 3.3.3

Description

The issue allows local users to cause a denial of service, resulting in memory corruption and crash, or obtain potentially sensitive information from memory. This is achieved via a SetEventMask request that triggers an invalid pointer dereference due to the ProcSetEventMask function calling the SendErrToClient function with a mask value instead of a pointer.

Recommendations

For X.Org X11R6 versions through X11R6.6, consider updating to a version outside of the affected range to resolve the issue. For XFree86 versions prior to 3.3.3, update to version 3.3.3 or later to fix the problem.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2012-1699
HPSBUX02829

Affected Products

HP-UX
X.Org X11R6
XFree86