CVE-2016-7953

critical

Description

Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.

References

http://www.openwall.com/lists/oss-security/2016/10/04/2

http://www.openwall.com/lists/oss-security/2016/10/04/4

http://www.securityfocus.com/bid/93371

http://www.securitytracker.com/id/1036945

https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb

https://lists.fedoraproject.org/archives/list/[email protected]/message/DLZ3CBE3LKTSHIQYM6RKZYJ5PJ5IGTYG/

https://lists.fedoraproject.org/archives/list/[email protected]/message/M4SI52ZOHOK6524DI2TOW4DX6HPKNFNB/

https://lists.x.org/archives/xorg-announce/2016-October/002720.html

https://security.gentoo.org/glsa/201704-03

Details

Source: MITRE

Published: 2016-12-13

Updated: 2017-07-01

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 132163 | EulerOS 2.0 SP3 : libXvMC (EulerOS-SA-2019-2628) | Nessus | Huawei Local Security Checks | critical |
| 131595 | EulerOS 2.0 SP2 : libXvMC (EulerOS-SA-2019-2441) | Nessus | Huawei Local Security Checks | critical |
| 99276 | GLSA-201704-03 : X.Org: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 96034 | SUSE SLES11 Security Update : xorg-x11-libs (SUSE-SU-2016:3189-1) | Nessus | SuSE Local Security Checks | critical |
| 95648 | openSUSE Security Update : libXvMC (openSUSE-2016-1424) | Nessus | SuSE Local Security Checks | critical |
| 94939 | SUSE SLED12 / SLES12 Security Update : X Window System client libraries (SUSE-SU-2016:2828-1) | Nessus | SuSE Local Security Checks | critical |
| 94790 | Fedora 25 : libXvMC (2016-37b9932690) | Nessus | Fedora Local Security Checks | critical |
| 94490 | Fedora 23 : libXvMC (2016-d286ffb801) | Nessus | Fedora Local Security Checks | critical |
| 94439 | Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : x11 (SSA:2016-305-02) | Nessus | Slackware Local Security Checks | critical |
| 94220 | openSUSE Security Update : X Window System client libraries (openSUSE-2016-1214) | Nessus | SuSE Local Security Checks | critical |
| 94145 | Debian DLA-671-1 : libxvmc security update | Nessus | Debian Local Security Checks | critical |
| 94036 | SUSE SLED12 / SLES12 Security Update : X Window System client libraries (SUSE-SU-2016:2505-1) | Nessus | SuSE Local Security Checks | critical |
| 93925 | Fedora 24 : libXvMC (2016-a236cb3315) | Nessus | Fedora Local Security Checks | critical |