PT-2013-1131 · X.Org · Libxi
Ilja Van Sprundel · Published 2013-06-15 · Updated 2014-10-20
CVE-2013-2000
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
libXxf86dga version 1.1.3 and earlier
xorg-server versions prior to 1.14.3-r2
libXext versions 1.3.2
libX11 versions 1.6.0
libXt versions 1.1.4
libXfixes versions 5.0.1
libXinerama versions 1.1.3
libXp versions 1.0.2
libXcursor versions 1.1.14
libXtst versions 1.2.2
libXi versions 1.7.2
libXres versions 1.0.7
libXrandr versions 1.4.1
libXv versions 1.0.9
libXvMC versions 1.0.8
libX11-common versions 1.6.0
libXrender versions 0.9.8
libxcb versions 1.9.1
xcb-proto versions 1.8
Description
This entry covers multiple vulnerabilities in various X.Org packages: libXxf86dga, xorg-server, libXext, libX11, libXt, libXfixes, libXinerama, libXp, libXcursor, libXtst, libXi, libXres, libXrandr, libXv, libXvMC, libX11-common, libXrender, libxcb, and xcb-proto. They can be exploited remotely, potentially leading to a denial of service (crash) and possibly allowing the execution of arbitrary code. The cause is multiple buffer overflows in the affected packages, which can be triggered by crafted length or index values supplied to specific functions, such as XDGAQueryModes and XDGASetMode.
Recommendations
For libXxf86dga version 1.1.3 and earlier, update to a version later than 1.1.3.
For xorg-server versions prior to 1.14.3-r2, update to version 1.14.3-r2 or later.
For libXext versions 1.3.2, update to a version later than 1.3.2.
For libX11 versions 1.6.0, update to a version later than 1.6.0.
For libXt versions 1.1.4, update to a version later than 1.1.4.
For libXfixes versions 5.0.1, update to a version later than 5.0.1.
For libXinerama versions 1.1.3, update to a version later than 1.1.3.
For libXp versions 1.0.2, update to a version later than 1.0.2.
For libXcursor versions 1.1.14, update to a version later than 1.1.14.
For libXtst versions 1.2.2, update to a version later than 1.2.2.
For libXi versions 1.7.2, update to a version later than 1.7.2.
For libXres versions 1.0.7, update to a version later than 1.0.7.
For libXrandr versions 1.4.1, update to a version later than 1.4.1.
For libXv versions 1.0.9, update to a version later than 1.0.9.
For libXvMC versions 1.0.8, update to a version later than 1.0.8.
For libX11-common versions 1.6.0, update to a version later than 1.6.0.
For libXrender versions 0.9.8, update to a version later than 0.9.8.
For libxcb versions 1.9.1, update to a version later than 1.9.1.
For xcb-proto versions 1.8, update to a version later than 1.8.
Fix
DoS
Buffer Overflow
Affected Products
Centos
Red Hat
Suse
Libx11
Libx11-Common
Libxcursor
Libxext
Libxfixes
Libxi
Libxinerama
Libxp
Libxrandr
Libxrender
Libxres
Libxt
Libxtst
Libxv
Libxvmc
Libxxf86Dga
Libxcb
Xcb-Proto
Xorg-Server