Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Pedro Ribeiro discovered that the X.Org X server incorrectly handled
memory operations when handling ImageText requests. An attacker could
use this issue to cause X.Org to crash, or to possibly execute
arbitrary code. (CVE-2013-4396)
It was discovered that non-root X.Org X servers such as Xephyr
incorrectly used cached xkb files. A local attacker could use this
flaw to cause a xkb cache file to be loaded by another user, resulting
in a denial of service. (CVE-2013-1056).
Update the affected xserver-xorg-core, xserver-xorg-core-lts-quantal
and / or xserver-xorg-core-lts-raring packages.
Risk factor :
Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.7
Public Exploit Available : false