CVE Database

CVE-2013-2062

Impact: Moderate
Public: 2013-05-23
Bugzilla: 960362: CVE-2013-2062 libXp: Integer overflow leading to heap-based buffer overflow

Details

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.

Find out more about CVE-2013-2062 from the MITRE CVE dictionary and NIST NVD.

Statement

The Red Hat Security Response Team has rated this issue as having moderate security impact. A future update may address this flaw in libXp.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score: 4.3
Base Metrics: AV:A/AC:H/Au:N/C:P/I:P/A:P
Access Vector: Adjacent Network
Access Complexity: High
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat security errata

Platform Errata Release Date

External References

http://www.x.org/wiki/Development/Security/Advisory-2013-05-23

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.