CVE-2013-1992 libdmx: Multiple integer overflows leading to heap-based buffer overflows found in the libdmx, an X.Org X11 DMX (Distributed Multihead X) runtime library.

Solution Verified - Updated -

Issue

  • Multiple integer overflows leading to heap-based buffer overflows were found in the libdmx, an X.Org X11 DMX (Distributed Multihead X) runtime library.
  • When a X client is connected to a malicious X server, (modified to return invalid values), it can cause arbirary code execution with the privileges of the user running the X client.
  • Affected functions: DMXGetScreenAttributes(), DMXGetWindowAttributes(), DMXGetInputAttributes()
  • This also occurs in RHEL 6.4 This shows up up as a BZ Bug ID 959074 (CVE-2013-1992)

Environment

  • Red Hat Enterprise Linux 5.9 / 6.4
  • libdmx

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.