Vulnerabilities > CVE-2019-17624 - Out-of-bounds Write vulnerability in X.Org X Server

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
x-org
CWE-787

Summary

"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed if the X.Org X Server is involved or if there is a stack overflow.

Vulnerable Configurations

Part Description Count
Application
X.Org
234

Common Weakness Enumeration (CWE)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/154868/xorgxserver1204-overflow.txt
idPACKETSTORM:154868
last seen2019-10-16
published2019-10-16
reporterMarcelo Vazquez
sourcehttps://packetstormsecurity.com/files/154868/X.Org-X-Server-1.20.4-Local-Stack-Overflow.html
titleX.Org X Server 1.20.4 Local Stack Overflow