Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106862.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00141.html
http://www.debian.org/security/2013/dsa-2677
http://www.openwall.com/lists/oss-security/2013/05/23/3
http://www.securityfocus.com/bid/60132
http://www.ubuntu.com/usn/USN-1863-1
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
OR
cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
OR
OR
cpe:2.3:a:x:libxrender:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:x:libxrender:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:x:libxrender:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:x:libxrender:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:x:libxrender:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:x:libxrender:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:x:libxrender:*:*:*:*:*:*:*:* versions up to 0.9.7 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
99930 | Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32) | Nessus | Misc. | high |
80819 | Oracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org) | Nessus | Solaris Local Security Checks | medium |
79560 | Amazon Linux AMI : libX11 / libXcursor,libXfixes,libXi,libXrandr,libXrender,libXres,libXt,libXv,libXvMC,libXxf86dga,libXxf86vm,libdmx,xorg-x11-proto-devel (ALAS-2014-452) | Nessus | Amazon Linux Local Security Checks | medium |
79182 | CentOS 6 : libX11 / libXcursor / libXext / libXfixes / libXi / libXinerama / libXp / libXrandr / etc (CESA-2014:1436) | Nessus | CentOS Local Security Checks | medium |
78841 | Scientific Linux Security Update : X11 client libraries on SL6.x i386/x86_64 (20141014) | Nessus | Scientific Linux Local Security Checks | medium |
78411 | RHEL 6 : X11 client libraries (RHSA-2014:1436) | Nessus | Red Hat Local Security Checks | medium |
75030 | openSUSE Security Update : libXrender (openSUSE-SU-2013:1011-1) | Nessus | SuSE Local Security Checks | medium |
74028 | GLSA-201405-07 : X.Org X Server: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
69115 | SuSE 11.3 Security Update : xorg-x11-libXrender (SAT Patch Number 7939) | Nessus | SuSE Local Security Checks | medium |
67256 | SuSE 10 Security Update : xorg-x11 (ZYPP Patch Number 8623) | Nessus | SuSE Local Security Checks | medium |
67111 | SuSE 11.2 Security Update : xorg-x11-libXrender (SAT Patch Number 7809) | Nessus | SuSE Local Security Checks | medium |
66827 | Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : libxrender vulnerability (USN-1863-1) | Nessus | Ubuntu Local Security Checks | medium |
66798 | FreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c) | Nessus | FreeBSD Local Security Checks | medium |
66743 | Fedora 18 : libXrender-0.9.7-5.20130524git786f78fd8.fc18 (2013-9107) | Nessus | Fedora Local Security Checks | medium |
66621 | Fedora 19 : libXrender-0.9.7-5.20130524git786f78fd8.fc19 (2013-9052) | Nessus | Fedora Local Security Checks | medium |
66561 | Debian DSA-2677-1 : libxrender - several vulnerabilities | Nessus | Debian Local Security Checks | medium |