CVE-2013-1992 libdmx: Multiple integer overflows leading to heap-based buffer overflows found in the libdmx, an X.Org X11 DMX (Distributed Multihead X) runtime library.

Solution Verified - Updated -

Issue

  • Multiple integer overflows leading to heap-based buffer overflows were found in the libdmx, an X.Org X11 DMX (Distributed Multihead X) runtime library.
  • When a X client is connected to a malicious X server, (modified to return invalid values), it can cause arbirary code execution with the privileges of the user running the X client.
  • Affected functions: DMXGetScreenAttributes(), DMXGetWindowAttributes(), DMXGetInputAttributes()
  • This also occurs in RHEL 6.4 This shows up up as a BZ Bug ID 959074 (CVE-2013-1992)

Environment

  • Red Hat Enterprise Linux 5.9 / 6.4
  • libdmx

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content