CVE-2013-7439

Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.

Published: Apr 16, 2015
Updated: Apr 13, 2023
CVE: CVE-2013-7439
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
x.org / libx11	1.3.2	1.3.2.x
x.org / libx11	1.0.2	1.0.2.x
x.org / libx11	1.4.1	1.4.1.x
x.org / libx11	1.1.99.1	1.1.99.1.x
x.org / libx11	1.2	1.2.x
x.org / libx11	1.3.4	1.3.4.x
x.org / libx11	1.1-rc1	1.1-rc1.x
x.org / libx11	1.3.3	1.3.3.x
x.org / libx11	1.1.99.2	1.1.99.2.x
x.org / libx11	1.3.1	1.3.1.x
x.org / libx11	1.0.1	1.0.1.x
x.org / libx11	1.2.2	1.2.2.x
x.org / libx11	1.1.5	1.1.5.x
x.org / libx11	1.4.0	1.4.0.x
x.org / libx11	1.5.0	1.5.0.x
x.org / libx11	1.5.99.901	1.5.99.901.x
x.org / libx11	1.3	1.3.x
x.org / libx11	1.3.99.902	1.3.99.902.x
x.org / libx11	1.1	1.1.x
x.org / libx11	1.3.99.903	1.3.99.903.x
x.org / libx11	1.1.4	1.1.4.x
x.org / libx11	1.4.4	1.4.4.x
x.org / libx11	1.1.6	1.1.6.x
x.org / libx11	1.0.3	1.0.3.x
x.org / libx11	1.1-rc2	1.1-rc2.x
x.org / libx11	1.4.99.902	1.4.99.902.x
x.org / libx11	1.5.99.902	1.5.99.902.x
x.org / libx11	1.4.3	1.4.3.x
x.org / libx11	1.4.99.901	1.4.99.901.x
x.org / libx11	1.2.1	1.2.1.x
x.org / libx11	1.4.2	1.4.2.x
x.org / libx11	1.3.6	1.3.6.x
x.org / libx11	1.3.5	1.3.5.x
x.org / libx11	1.3.99.901	1.3.99.901.x
canonical / ubuntu_linux	12.04	12.04.x
debian / debian_linux	7.0	7.0.x
canonical / ubuntu_linux	14.10	14.10.x
canonical / ubuntu_linux	14.04	14.04.x
x.org / x11	6.8.0	6.8.0.x
x.org / x11	6.0	6.0.x
x.org / x11	6.4	6.4.x
x.org / x11	6.5.1	6.5.1.x
x.org / x11	6.3	6.3.x
x.org / x11	6.7	6.7.x
x.org / x11	6.8.1	6.8.1.x
x.org / x11	6.9	6.9.x
x.org / x11	6.6	6.6.x
x.org / x11	6.8.2	6.8.2.x
x.org / x11	6.1	6.1.x

Vulnerability Database

289,697

CVE-2013-7439