Your submission was sent successfully! Close

CVE-2013-7439

Published: 9 April 2015

Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.

Priority

Medium

Status

Package Release Status
libx11
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (2:1.4.99.1-0ubuntu2.3)
trusty Not vulnerable

upstream Needs triage

utopic Not vulnerable

libxrender
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (1:0.9.6-2ubuntu0.2)
trusty
Released (1:0.9.8-1build0.14.04.1)
upstream Needs triage

utopic
Released (1:0.9.8-1build0.14.10.1)