Vulnerabilities > CVE-2013-1994 - Numeric Errors vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2679.NASL description Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service. last seen 2020-03-17 modified 2013-05-24 plugin id 66563 published 2013-05-24 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66563 title Debian DSA-2679-1 : xserver-xorg-video-openchrome - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2679. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(66563); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-1994"); script_xref(name:"DSA", value:"2679"); script_name(english:"Debian DSA-2679-1 : xserver-xorg-video-openchrome - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service." ); # https://packages.debian.org/source/squeeze/xserver-xorg-video-openchrome script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ab3bf13f" ); # https://packages.debian.org/source/wheezy/xserver-xorg-video-openchrome script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1a9d4d6f" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2013/dsa-2679" ); script_set_attribute( attribute:"solution", value: "Upgrade the xserver-xorg-video-openchrome packages. For the oldstable distribution (squeeze), this problem has been fixed in version 1:0.2.904+svn842-2+squeeze1. For the stable distribution (wheezy), this problem has been fixed in version 1:0.2.906-2+deb7u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xserver-xorg-video-openchrome"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2013/05/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"xserver-xorg-video-openchrome", reference:"1:0.2.904+svn842-2+squeeze1")) flag++; if (deb_check(release:"6.0", prefix:"xserver-xorg-video-via", reference:"1:0.2.904+svn842-2+squeeze1")) flag++; if (deb_check(release:"7.0", prefix:"xserver-xorg-video-openchrome", reference:"1:0.2.906-2+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"xserver-xorg-video-openchrome-dbg", reference:"1:0.2.906-2+deb7u1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1871-1.NASL description Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 66858 published 2013-06-11 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66858 title Ubuntu 12.04 LTS / 12.10 / 13.04 : xserver-xorg-video-openchrome, xserver-xorg-video-openchrome-lts-quantal vulnerability (USN-1871-1) NASL family Fedora Local Security Checks NASL id FEDORA_2013-9138.NASL description - Fix integer overflow in libchromeXvMC (CVE-2013-1994). - Various bug fixes and improvements. Update to latest upstream release. For details, see http://cgit.freedesktop.org/openchrome/xf86-video-open chrome/tree/NEWS?id=release_0_3_3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-06-02 plugin id 66733 published 2013-06-02 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66733 title Fedora 17 : xorg-x11-drv-openchrome-0.3.3-1.fc17 (2013-9138) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_2EEBEBFFCD3B11E28F09001B38C3836C.NASL description freedesktop.org reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org last seen 2020-06-01 modified 2020-06-02 plugin id 66798 published 2013-06-05 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66798 title FreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c) NASL family Fedora Local Security Checks NASL id FEDORA_2013-9114.NASL description - Fix integer overflow in libchromeXvMC (CVE-2013-1994). - Various bug fixes and improvements. Update to latest upstream release. For details, see http://cgit.freedesktop.org/openchrome/xf86-video-open chrome/tree/NEWS?id=release_0_3_3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-06-02 plugin id 66730 published 2013-06-02 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66730 title Fedora 18 : xorg-x11-drv-openchrome-0.3.3-1.fc18 (2013-9114) NASL family Fedora Local Security Checks NASL id FEDORA_2013-8991.NASL description - Fix integer overflow in libchromeXvMC (CVE-2013-1994). - Various bug fixes and improvements. Update to latest upstream release. For details, see http://cgit.freedesktop.org/openchrome/xf86-video-open chrome/tree/NEWS?id=release_0_3_3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2013-06-02 plugin id 66728 published 2013-06-02 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/66728 title Fedora 19 : xorg-x11-drv-openchrome-0.3.3-1.fc19 (2013-8991) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201405-07.NASL description The remote host is affected by the vulnerability described in GLSA-201405-07 (X.Org X Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 74028 published 2014-05-16 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74028 title GLSA-201405-07 : X.Org X Server: Multiple vulnerabilities
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|