CVE-2013-1999

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux (affected versions not specified) xorg-server versions prior to 1.14.3-r2 libXvMC versions prior to 1.0.8 libXvMC-1.0.7 and earlier

Description The issue involves multiple vulnerabilities in various packages of Red Hat Enterprise Linux and other operating systems, which can lead to disruption of confidentiality, integrity, and availability of protected information. Exploitation of these vulnerabilities can be done remotely. A buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.

Recommendations For Red Hat Enterprise Linux, update the affected packages to the latest versions. For xorg-server versions prior to 1.14.3-r2, update to version 1.14.3-r2 or later. For libXvMC versions prior to 1.0.8, update to version 1.0.8 or later. As a temporary workaround, consider disabling the vulnerable functions until a patch is available. Restrict access to the vulnerable modules to minimize the risk of exploitation. Avoid using the vulnerable packages until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability for some of the affected packages.