PT-2013-1126 · X.Org+3 · Libxi+31
Ilja Van Sprundel · Published 2013-06-15 · Updated 2024-06-15 · CVE-2013-1995
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
libX11 versions 1.6.0
libX11-devel versions 1.6.0
libXext versions 1.3.2
libXext-devel versions 1.3.2
libXfixes versions 5.0.1
libXfixes-devel versions 5.0.1
libXinerama versions 1.1.3
libXinerama-devel versions 1.1.3
libXi versions 1.7.2
libXi-devel versions 1.7.2
libXp versions 1.0.2
libXp-devel versions 1.0.2
libXrandr versions 1.4.1
libXrandr-devel versions 1.4.1
libXres versions 1.0.7
libXres-devel versions 1.0.7
libXt versions 1.1.4
libXt-devel versions 1.1.4
libXtst versions 1.2.2
libXtst-debuginfo versions 1.2.2
libXv versions 1.0.9
libXvMC versions 1.0.8
libXxf86dga versions 1.1.4
libXxf86vm versions 1.1.3
xorg-server versions prior to 1.14.3-r2
xorg-x11-proto-devel versions 7.7
xorg-x11-xtrans-devel versions 1.3.4
xcb-proto versions 1.8
xkeyboard-config versions 2.11
Description
This entry covers multiple vulnerabilities in various packages of the Red Hat Enterprise Linux and Gentoo Linux operating systems. These vulnerabilities can lead to a breach of the confidentiality, integrity, and availability of protected information, and they can be exploited remotely. X.Org libXi 1.7.1 and earlier is also affected: it allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
Recommendations
For libX11 versions 1.6.0, update to a newer version.
For libX11-devel versions 1.6.0, update to a newer version.
For libXext versions 1.3.2, update to a newer version.
For libXext-devel versions 1.3.2, update to a newer version.
For libXfixes versions 5.0.1, update to a newer version.
For libXfixes-devel versions 5.0.1, update to a newer version.
For libXinerama versions 1.1.3, update to a newer version.
For libXinerama-devel versions 1.1.3, update to a newer version.
For libXi versions 1.7.2, update to a newer version.
For libXi-devel versions 1.7.2, update to a newer version.
For libXp versions 1.0.2, update to a newer version.
For libXp-devel versions 1.0.2, update to a newer version.
For libXrandr versions 1.4.1, update to a newer version.
For libXrandr-devel versions 1.4.1, update to a newer version.
For libXres versions 1.0.7, update to a newer version.
For libXres-devel versions 1.0.7, update to a newer version.
For libXt versions 1.1.4, update to a newer version.
For libXt-devel versions 1.1.4, update to a newer version.
For libXtst versions 1.2.2, update to a newer version.
For libXtst-debuginfo versions 1.2.2, update to a newer version.
For libXv versions 1.0.9, update to a newer version.
For libXvMC versions 1.0.8, update to a newer version.
For libXxf86dga versions 1.1.4, update to a newer version.
For libXxf86vm versions 1.1.3, update to a newer version.
For xorg-server versions prior to 1.14.3-r2, update to version 1.14.3-r2 or later.
For xorg-x11-proto-devel versions 7.7, update to a newer version.
For xorg-x11-xtrans-devel versions 1.3.4, update to a newer version.
For xcb-proto versions 1.8, update to a newer version.
For xkeyboard-config versions 2.11, update to a newer version.
Fix
Buffer Overflow
Affected Products
Centos
Red Hat
Suse
Libx11
Libx11-Devel
Libxext
Libxext-Dev
Libxfixes
Libxfixes-Devel
Libxi
Libxi-Devel
Libxinerama
Libxinerama-Devel
Libxp
Libxp-Devel
Libxrandr
Libxrandr-Dev
Libxres
Libxres-Devel
Libxt
Libxt-Devel
Libxtst
Libxtst-Debuginfo
Libxv
Libxvmc
Libxxf86Dga
Libxxf86Vm
Xcb-Proto
Xkeyboard-Config
Xorg-Server
Xorg-X11-Proto-Devel
Xorg-X11-Xtrans-Devel