CVE-2013-4396

Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 1.14.4 xorg-server versions prior to 1.14.3-r2

Description The issue is related to a use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module. This vulnerability can be exploited by remote authenticated users via a crafted ImageText request, potentially leading to a denial of service (daemon crash) or execution of arbitrary code. Additionally, multiple vulnerabilities in the xorg-server package may compromise the confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For versions prior to 1.14.4, update to version 1.14.4 or later. For versions prior to 1.14.3-r2, update to version 1.14.3-r2 or later. As a temporary workaround, consider restricting access to the xorg-server module until a patch is available.