Skip to navigation

CVE Database

CVE-2013-1990

Impact: Moderate
Public: 2013-05-23
Bugzilla: 959070: CVE-2013-1990 libXvMC: Multiple integer overflows leading to heap-based buffer overflows

Details

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.

Find out more about CVE-2013-1990 from the MITRE CVE dictionary and NIST NVD.

Statement

The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw in libXvMC.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score: 4.3
Base Metrics: AV:A/AC:H/Au:N/C:P/I:P/A:P
Access Vector: Adjacent Network
Access Complexity: High
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat security errata

Platform Errata Release Date

External References

http://www.x.org/wiki/Development/Security/Advisory-2013-05-23

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.