Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.
References
Configurations
History
13 Feb 2023, 00:42
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write. |
02 Feb 2023, 20:18
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. |
Information
Published : 2014-12-10 15:59
Updated : 2023-12-10 11:31
NVD link : CVE-2014-8092
Mitre link : CVE-2014-8092
CVE.ORG link : CVE-2014-8092
JSON object : View
Products Affected
x.org
- x11
- xorg-server
CWE