The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of libX11

computer threat alert CVE-2018-14598 CVE-2018-14599 CVE-2018-14600

libX11: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of libX11.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/08/2018.
Identifiers: bulletinoct2018, CERTFR-2018-AVI-490, CVE-2018-14598, CVE-2018-14599, CVE-2018-14600, DLA-1482-1, DSA-2019-131, FEDORA-2019-6a756fe3a5, openSUSE-SU-2018:2567-1, openSUSE-SU-2018:3012-1, RHSA-2019:2079-01, SSA:2018-233-01, SUSE-SU-2018:2934-1, SUSE-SU-2018:2955-1, SUSE-SU-2018:3102-1, USN-3758-1, USN-3758-2, VIGILANCE-VUL-27057.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of libX11.

vulnerability alert CVE-2017-13723

X.Org Server: buffer overflow via xkb

Synthesis of the vulnerability

An attacker can generate a buffer overflow via xkb of X.Org Server, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 05/10/2017.
Identifiers: bulletinjan2018, CVE-2017-13723, DLA-1186-1, DSA-4000-1, SSA:2017-279-03, USN-3453-1, VIGILANCE-VUL-24027.

Description of the vulnerability

An attacker can generate a buffer overflow via xkb of X.Org Server, in order to trigger a denial of service, and possibly to run code.

cybersecurity vulnerability CVE-2017-2624 CVE-2017-2625 CVE-2017-2626

X.Org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of X.Org.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 5.
Creation date: 28/02/2017.
Identifiers: CVE-2017-2624, CVE-2017-2625, CVE-2017-2626, DLA-1186-1, FEDORA-2017-60c4aa0e01, FEDORA-2017-8d369659cb, FEDORA-2017-9a9328c159, FEDORA-2017-bcb1999e65, FEDORA-2017-c02eb668a7, FEDORA-2017-d068b54614, openSUSE-SU-2017:1610-1, openSUSE-SU-2017:1801-1, openSUSE-SU-2017:1802-1, RHSA-2017:1865-01, USN-3362-1, VIGILANCE-VUL-21979, X41-2017-001.

Description of the vulnerability

Several vulnerabilities were announced in X.Org.

An attacker can bypass security features via MIT Cookie Brute Force, in order to escalate his privileges. [severity:1/4; CVE-2017-2624]

An attacker can force the usage of a freed memory area via XdmToID(), in order to trigger a denial of service, and possibly to run code. [severity:2/4]

An attacker can bypass security features via libXdmcp, in order to escalate his privileges. [severity:1/4; CVE-2017-2625]

An attacker can bypass security features via libICE, in order to escalate his privileges. [severity:1/4; CVE-2017-2626]

An unknown vulnerability was announced via GenerateRandomData(). [severity:1/4]

weakness announce CVE-2016-5407 CVE-2016-7942 CVE-2016-7943

X.Org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of X.Org.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 13.
Creation date: 05/10/2016.
Identifiers: bulletinoct2016, CVE-2016-5407, CVE-2016-7942, CVE-2016-7943, CVE-2016-7944, CVE-2016-7945, CVE-2016-7946, CVE-2016-7947, CVE-2016-7948, CVE-2016-7949, CVE-2016-7950, CVE-2016-7951, CVE-2016-7952, CVE-2016-7953, DLA-654-1, DLA-660-1, DLA-664-1, DLA-667-1, DLA-671-1, DLA-684-1, DLA-684-2, DLA-685-1, DLA-685-2, DLA-686-1, FEDORA-2016-0e7694c456, FEDORA-2016-21f0de504c, FEDORA-2016-3b41a9eaa8, FEDORA-2016-49d560da23, FEDORA-2016-5aa206bd16, FEDORA-2016-83040426d6, FEDORA-2016-8877cf648b, FEDORA-2016-a236cb3315, FEDORA-2016-b26b497381, FEDORA-2016-c1d4b1df79, FEDORA-2016-cabb6d7ef7, FEDORA-2016-d045c2c7b3, FEDORA-2016-d286ffb801, FEDORA-2016-ff5a2f4839, openSUSE-SU-2016:2600-1, openSUSE-SU-2016:3031-1, openSUSE-SU-2016:3033-1, openSUSE-SU-2016:3034-1, openSUSE-SU-2016:3036-1, openSUSE-SU-2016:3037-1, openSUSE-SU-2016:3059-1, SSA:2016-305-02, USN-3758-1, USN-3758-2, VIGILANCE-VUL-20768.

Description of the vulnerability

Several vulnerabilities were announced in X.Org libraries.

An attacker can force a read at an invalid address via libX11 XGetImage(), in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7942]

An attacker can force a read at an invalid address via libX11 XListFonts(), in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7943]

An attacker can generate an integer overflow via libXfixes, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7944]

An attacker can force a read at an invalid address via libXi, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7945]

An attacker can generate an infinite loop via libXi, in order to trigger a denial of service. [severity:1/4; CVE-2016-7946]

An attacker can generate an integer overflow via libXrandr, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7947]

An attacker can trigger a fatal error via libXrandr, in order to trigger a denial of service. [severity:1/4; CVE-2016-7948]

An attacker can generate a buffer overflow via libXrender, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7949]

An attacker can generate a buffer overflow via libXrender XRenderQueryFilters, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7950]

An attacker can force a read at an invalid address via libXtst XRecord, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7951]

An attacker can generate an infinite loop via libXtst XRecord, in order to trigger a denial of service. [severity:1/4; CVE-2016-7952]

An attacker can generate a memory corruption via libXv, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-5407]

An attacker can force a read at an invalid address via libXvMC, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7953]

security note CVE-2013-7439

libX11: buffer overflow of MakeBigReq

Synthesis of the vulnerability

An attacker can generate a buffer overflow in applications using MakeBigReq() of libX11, in order to trigger a denial of service, and possibly to execute code.
Severity: 2/4.
Creation date: 08/04/2015.
Identifiers: 56508, bulletinjul2015, CVE-2013-7439, DSA-3224-1, USN-2568-1, VIGILANCE-VUL-16554.

Description of the vulnerability

The libX11 library uses the MakeBigReq() macro to extend a query.

However, this macro performs a memmove() on 4 bytes past the buffer end. An overflow thus occurs.

An attacker can therefore generate a buffer overflow in applications using MakeBigReq() of libX11, in order to trigger a denial of service, and possibly to execute code.

security note CVE-2013-1981 CVE-2013-1982 CVE-2013-1983

X.Org: multiple vulnerabilities of libraries

Synthesis of the vulnerability

An attacker can use several vulnerabilities of libraries of X.Org.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 30.
Creation date: 23/05/2013.
Identifiers: BID-60120, BID-60121, BID-60122, BID-60123, BID-60124, BID-60125, BID-60126, BID-60127, BID-60128, BID-60129, BID-60130, BID-60131, BID-60132, BID-60133, BID-60134, BID-60135, BID-60136, BID-60137, BID-60138, BID-60139, BID-60141, BID-60142, BID-60143, BID-60144, BID-60145, BID-60146, BID-60148, BID-60149, c04341797, CERTA-2013-AVI-362, CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-1992, CVE-2013-1993, CVE-2013-1994, CVE-2013-1995, CVE-2013-1996, CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2003, CVE-2013-2004, CVE-2013-2005, CVE-2013-2062, CVE-2013-2063, CVE-2013-2064, CVE-2013-2066, DSA-2673-1, DSA-2674-1, DSA-2675-1, DSA-2675-2, DSA-2676-1, DSA-2677-1, DSA-2678-1, DSA-2679-1, DSA-2680-1, DSA-2681-1, DSA-2682-1, DSA-2683-1, DSA-2684-1, DSA-2685-1, DSA-2686-1, DSA-2687-1, DSA-2688-1, DSA-2689-1, DSA-2690-1, DSA-2691-1, DSA-2692-1, DSA-2693-1, FEDORA-2013-11734, FEDORA-2013-12083, FEDORA-2013-12593, FEDORA-2013-5967, FEDORA-2013-9151, HPSBUX03049, MDVSA-2013:181, MDVSA-2013:182, NetBSD-SA2013-007, openSUSE-SU-2013:0865-1, openSUSE-SU-2013:1007-1, openSUSE-SU-2013:1008-1, openSUSE-SU-2013:1009-1, openSUSE-SU-2013:1010-1, openSUSE-SU-2013:1011-1, openSUSE-SU-2013:1014-1, openSUSE-SU-2013:1025-1, openSUSE-SU-2013:1026-1, openSUSE-SU-2013:1027-1, openSUSE-SU-2013:1028-1, openSUSE-SU-2013:1029-1, openSUSE-SU-2013:1030-1, openSUSE-SU-2013:1031-1, openSUSE-SU-2013:1032-1, openSUSE-SU-2013:1033-1, openSUSE-SU-2013:1034-1, openSUSE-SU-2013:1041-1, openSUSE-SU-2013:1046-1, openSUSE-SU-2013:1047-1, RHSA-2013:0897-01, RHSA-2013:0898-01, RHSA-2014:1436-02, SSA:2017-291-01, SSRT101240, SUSE-SU-2014:0881-1, SUSE-SU-2014:0882-1, SUSE-SU-2014:0883-1, SUSE-SU-2014:0893-1, SUSE-SU-2014:0898-1, SUSE-SU-2014:0900-1, SUSE-SU-2014:0915-1, SUSE-SU-2014:0916-1, SUSE-SU-2014:0919-1, VIGILANCE-VUL-12858.

Description of the vulnerability

Several vulnerabilities were announced in X.Org.

An attacker can generate an integer overflow in libX11, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60120, CVE-2013-1981]

An attacker can generate an integer overflow in libXext, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60126, CVE-2013-1982]

An attacker can generate an integer overflow in libXfixes, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60125, CVE-2013-1983]

An attacker can generate an integer overflow in libXi, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60123, CVE-2013-1984]

An attacker can generate an integer overflow in libXinerama, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60128, CVE-2013-1985]

An attacker can generate an integer overflow in libXp, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60131, CVE-2013-2062]

An attacker can generate an integer overflow in libXrandr, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60129, CVE-2013-1986]

An attacker can generate an integer overflow in libXrender, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60132, CVE-2013-1987]

An attacker can generate an integer overflow in libXRes, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60134, CVE-2013-1988]

An attacker can generate an integer overflow in libXtst, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60141, CVE-2013-2063]

An attacker can generate an integer overflow in libXv, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60135, CVE-2013-1989]

An attacker can generate an integer overflow in libXvMC, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60136, CVE-2013-1990]

An attacker can generate an integer overflow in libXxf86dga, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60138, CVE-2013-1991]

An attacker can generate an integer overflow in libdmx, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60142, CVE-2013-1992]

An attacker can generate an integer overflow in libxcb, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60148, CVE-2013-2064]

An attacker can generate an integer overflow in libGLX, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60149, CVE-2013-1993]

An attacker can generate an integer overflow in libchromeXvMC, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2013-1994]

An attacker can generate a memory corruption in libXi, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60124, CVE-2013-1995]

An attacker can generate a memory corruption in libFS, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60130, CVE-2013-1996]

An attacker can generate a buffer overflow in libX11, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60122, CVE-2013-1997]

An attacker can generate a buffer overflow in libXi, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60127, CVE-2013-1998]

An attacker can generate a buffer overflow in libXv, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60143, CVE-2013-2066]

An attacker can generate a buffer overflow in libXvMC, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60144, CVE-2013-1999]

An attacker can generate a buffer overflow in libXxf86dga, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60139, CVE-2013-2000]

An attacker can generate a buffer overflow in libXxf86vm, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60145, CVE-2013-2001]

An attacker can generate a buffer overflow in libXt, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60137, CVE-2013-2002]

An attacker can generate an integer overflow in libX11, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2013-1981]

An attacker can generate an integer overflow in libXcursor, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60121, CVE-2013-2003]

An attacker can trigger a denial of service in libX11. [severity:2/4; BID-60146, CVE-2013-2004]

An attacker can generate a memory corruption in libXt, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-60133, CVE-2013-2005]

vulnerability note CVE-2007-1003 CVE-2007-1351 CVE-2007-1352

X.Org, FreeType: integer overflows

Synthesis of the vulnerability

A local attacker can exploit overflows in X in order to elevate his privileges.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 04/04/2007.
Identifiers: 102886, 102888, 20070501-01-P, 6526191, 6538280, 6538282, 6538286, 6538290, 6539893, 6542279, BID-23283, BID-23284, BID-23300, BID-23402, CERTA-2007-AVI-177, CVE-2007-1003, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667, DSA-1294-1, DSA-1454-1, DSA-1858-1, DSA-1903-1, FEDORA-2007-422, FEDORA-2007-423, FEDORA-2007-424, FEDORA-2007-425, FEDORA-2007-426, FEDORA-2007-427, MDKSA-2007:079, MDKSA-2007:079-1, MDKSA-2007:080, MDKSA-2007:080-1, MDKSA-2007:081, MDKSA-2007:081-1, MDKSA-2007:147, RHSA-2007:0125-01, RHSA-2007:0126-01, RHSA-2007:0127-01, RHSA-2007:0132-01, RHSA-2007:0150-01, RHSA-2007:0157-01, SSA:2007-109-01, SSA:2007-110-01, SUSE-SA:2007:027, SUSE-SR:2007:006, SUSE-SR:2007:008, SUSE-SR:2008:08, TLSA-2007-26, VIGILANCE-VUL-6708.

Description of the vulnerability

A local attacker can exploit overflows in X in order to elevate his privileges.

The XC-MISC extension is activated by default. A malicious client can create an integer overflow in ProcXCMiscGetXIDList(). [severity:3/4; BID-23284, CERTA-2007-AVI-177, CVE-2007-1003]

An attacker can create a BDF font generating an integer overflow in the bdfReadCharacters() function of bdfread.c. This vulnerability also affects FreeType. [severity:3/4; BID-23283, CVE-2007-1351]

An attacker can create a font whose fonts.dir field generates an integer overflow in the bdfReadCharacters() function. [severity:3/4; BID-23283, CVE-2007-1352]

The XInitImage() function of ImUtils.c does not correctly check its parameters. An attacker can create a malicious image and invite a victim to view it with software such as xwud or ImageMagick, in order to generate an integer overflow. [severity:3/4; BID-23300, CVE-2007-1667]

These integer overflows lead to a denial of service or to code execution.

cybersecurity threat CVE-2006-5397

libX11: descriptor leak

Synthesis of the vulnerability

A file descriptor is unnecessarily opened in libX11, but permits an attacker to access a file.
Severity: 2/4.
Creation date: 02/11/2006.
Identifiers: 8699, BID-20845, CVE-2006-5397, MDKSA-2006:199, VIGILANCE-VUL-6273.

Description of the vulnerability

The modules/im/ximcp/imLcIm.c file of libX11 manages input methods (generally used for Asian characters).

The XCOMPOSEFILE environment variable indicates the name of a file defining how to compose characters, by pressing several keys.

The file indicated by this variable is incorrectly opened twice in the XimCreateDefaultTree() function of imLcIm.c. The first file descriptor is never closed.

A local attacker can thus set XCOMPOSEFILE, then run a suid/sgid program linked with libX11 (such as xterm), so that the program opens the file and the attacker can then access the leaked descriptor. The attacker can thus read the file's content.

cybersecurity note CVE-2006-4447

X.Org: privilege elevation via setuid

Synthesis of the vulnerability

In some cases, programs of X.Org do not lose their root privileges.
Severity: 2/4.
Creation date: 27/07/2006.
Identifiers: CERTA-2006-AVI-454, CVE-2006-4447, DSA-1193-1, MDKSA-2006:160, VIGILANCE-VUL-6043.

Description of the vulnerability

The X.Org environment provides several tools which can be suid root: the X server, xdm, xterm.

They call the setuid() function to lose their privileges. However, this function can fail (as described in VIGILANCE-VUL-807, or when the number of processes a user is allowed to run is limited). As the error code is not checked, the program continues to execute with root privileges.

This vulnerability therefore permits a local attacker to obtain root rights.
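The pattern the bulletin describes is a missing check on the return value of setuid(). The function below, added here as an illustration and not taken from X.Org or any of the affected tools, shows a privilege drop that treats every failure as fatal and verifies the resulting ids instead of trusting the call; the drop_privileges name and its arguments are this example's own.

```c
/* Added example (not X.Org code): drop root privileges the way a suid
 * helper must, checking every return value instead of assuming that
 * setuid() cannot fail. A real helper should also clear supplementary
 * groups with setgroups() while still root; omitted here for brevity. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 0 when the process now runs as target_uid/target_gid and
 * cannot regain root; -1 (with errno set) on any failure. A caller
 * must treat -1 as fatal: carrying on means running as root, which is
 * exactly the flaw described in CVE-2006-4447. */
int drop_privileges(uid_t target_uid, gid_t target_gid)
{
    /* Group first: once the uid is dropped, setgid() would itself fail. */
    if (setgid(target_gid) != 0)
        return -1;

    /* setuid() can fail, e.g. when the target user has exhausted the
     * number of processes it may run (the case the bulletin mentions). */
    if (setuid(target_uid) != 0)
        return -1;

    /* Do not trust the return value alone: confirm real and effective ids. */
    if (getuid() != target_uid || geteuid() != target_uid ||
        getgid() != target_gid || getegid() != target_gid) {
        errno = EPERM;
        return -1;
    }

    /* A non-root target must not be able to become root again. */
    if (target_uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Dropping to the caller's own real ids is a no-op for an ordinary
     * user, but it exercises every check above. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "privilege drop failed: %s\n", strerror(errno));
        return 1;
    }
    printf("running as uid=%u gid=%u\n",
           (unsigned)geteuid(), (unsigned)getegid());
    return 0;
}
```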