CVE-2013-2064

Name of the Vulnerable Software and Affected Versions libxcb versions 1.9 and earlier xorg-server versions prior to 1.14.3-r2 libXext versions 1.3.2 and earlier libX11 versions 1.6.0 and earlier libXt versions 1.1.4 and earlier libXfixes versions 5.0.1 and earlier libXinerama versions 1.1.3 and earlier libXp versions 1.0.2 and earlier libXxf86vm versions 1.1.3 and earlier libXrender versions 0.9.8 and earlier libXres versions 1.0.7 and earlier libXrandr versions 1.4.1 and earlier libXv versions 1.0.9 and earlier libXi versions 1.7.2 and earlier libXcursor versions 1.1.14 and earlier libXtst versions 1.2.2 and earlier libXvMC versions 1.0.8 and earlier libX11-common versions 1.6.0 and earlier xcb-proto versions 1.8 and earlier libXxf86dga versions 1.1.4 and earlier libdmx versions 1.1.3 and earlier

Description The issue is related to multiple vulnerabilities in various packages of the Red Hat Enterprise Linux, Gentoo Linux, and Debian GNU/Linux operating systems. These vulnerabilities can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of these vulnerabilities can be done remotely. Specifically, an integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger the allocation of insufficient memory and a buffer overflow via vectors related to the read packet function.

Recommendations For libxcb versions 1.9 and earlier: Update to a version later than 1.9 to fix the integer overflow issue. For xorg-server versions prior to 1.14.3-r2: Update to version 1.14.3-r2 or later. For libXext versions 1.3.2 and earlier: Update to a version later than 1.3.2. For libX11 versions 1.6.0 and earlier: Update to a version later than 1.6.0. For libXt versions 1.1.4 and earlier: Update to a version later than 1.1.4. For libXfixes versions 5.0.1 and earlier: Update to a version later than 5.0.1. For libXinerama versions 1.1.3 and earlier: Update to a version later than 1.1.3. For libXp versions 1.0.2 and earlier: Update to a version later than 1.0.2. For libXxf86vm versions 1.1.3 and earlier: Update to a version later than 1.1.3. For libXrender versions 0.9.8 and earlier: Update to a version later than 0.9.8. For libXres versions 1.0.7 and earlier: Update to a version later than 1.0.7. For libXrandr versions 1.4.1 and earlier: Update to a version later than 1.4.1. For libXv versions 1.0.9 and earlier: Update to a version later than 1.0.9. For libXi versions 1.7.2 and earlier: Update to a version later than 1.7.2. For libXcursor versions 1.1.14 and earlier: Update to a version later than 1.1.14. For libXtst versions 1.2.2 and earlier: Update to a version later than 1.2.2. For libXvMC versions 1.0.8 and earlier: Update to a version later than 1.0.8. For libX11-common versions 1.6.0 and earlier: Update to a version later than 1.6.0. For xcb-proto versions 1.8 and earlier: Update to a version later than 1.8. For libXxf86dga versions 1.1.4 and earlier: Update to a version later than 1.1.4. For libdmx versions 1.1.3 and earlier: Update to a version later than 1.1.3.