CVE-2013-1991

Name of the Vulnerable Software and Affected Versions libXxf86dga versions 1.1.3 and earlier xorg-server versions prior to 1.14.3-r2 libXext versions 1.3.2 libX11 versions 1.6.0 libXt versions 1.1.4 libXp versions 1.0.2 libXfixes versions 5.0.1 libXinerama versions 1.1.3 libXcursor versions 1.1.14 libXtst versions 1.2.2 libXi versions 1.7.2 libXres versions 1.0.7 libXrandr versions 1.4.1 libXv versions 1.0.9 libXvMC versions 1.0.8 libX11-common versions 1.6.0 libXrender versions 0.9.8 xcb-proto versions 1.8 libxcb versions 1.9.1

Description The issue affects multiple packages in the Red Hat Enterprise Linux and Gentoo Linux operating systems, allowing for remote exploitation that may lead to a breach of confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely. Specifically, multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.

Recommendations For libXxf86dga versions 1.1.3 and earlier, update to a version later than 1.1.3. For xorg-server versions prior to 1.14.3-r2, update to version 1.14.3-r2 or later. For libXext versions 1.3.2, update to a version later than 1.3.2. For libX11 versions 1.6.0, update to a version later than 1.6.0. For libXt versions 1.1.4, update to a version later than 1.1.4. For libXp versions 1.0.2, update to a version later than 1.0.2. For libXfixes versions 5.0.1, update to a version later than 5.0.1. For libXinerama versions 1.1.3, update to a version later than 1.1.3. For libXcursor versions 1.1.14, update to a version later than 1.1.14. For libXtst versions 1.2.2, update to a version later than 1.2.2. For libXi versions 1.7.2, update to a version later than 1.7.2. For libXres versions 1.0.7, update to a version later than 1.0.7. For libXrandr versions 1.4.1, update to a version later than 1.4.1. For libXv versions 1.0.9, update to a version later than 1.0.9. For libXvMC versions 1.0.8, update to a version later than 1.0.8. For libX11-common versions 1.6.0, update to a version later than 1.6.0. For libXrender versions 0.9.8, update to a version later than 0.9.8. For xcb-proto versions 1.8, update to a version later than 1.8. For libxcb versions 1.9.1, update to a version later than 1.9.1.