Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2013-4396

Published: 10 October 2013

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Priority

Medium

Status

Package Release Status
xorg-server
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise
Released (2:1.11.4-0ubuntu10.14)
quantal
Released (2:1.13.0-0ubuntu6.4)
raring
Released (2:1.13.3-0ubuntu6.2)
upstream
Released (2:1.14.3-4)
xorg-server-lts-quantal
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (2:1.13.0-0ubuntu6.1~precise4)
quantal Does not exist

raring Does not exist

upstream Needs triage

xorg-server-lts-raring
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (2:1.13.3-0ubuntu6~precise3)
quantal Does not exist

raring Does not exist

upstream Needs triage