{ "threat_severity" : "Moderate", "public_date" : "2013-05-23T00:00:00Z", "bugzilla" : { "description" : "libxcb: Integer overflow leading to heap-based buffer overflow", "id" : "960367", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=960367" }, "cvss" : { "cvss_base_score" : "4.3", "cvss_scoring_vector" : "AV:A/AC:H/Au:N/C:P/I:P/A:P", "status" : "verified" }, "cwe" : "CWE-190->CWE-122", "details" : [ "Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libdmx-0:1.1.3-3.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libX11-0:1.6.0-2.2.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libxcb-0:1.9.1-2.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXcursor-0:1.1.14-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXext-0:1.3.2-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXfixes-0:5.0.1-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXi-0:1.7.2-2.2.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXinerama-0:1.1.3-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXp-0:1.0.2-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXrandr-0:1.4.1-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXrender-0:0.9.8-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXres-0:1.0.7-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXt-0:1.1.4-6.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXtst-0:1.2.2-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXv-0:1.0.9-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXvMC-0:1.0.8-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXxf86dga-0:1.1.4-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libXxf86vm-0:1.1.3-2.1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "xcb-proto-0:1.8-3.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "xkeyboard-config-0:2.11-1.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "xorg-x11-proto-devel-0:7.7-9.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1436", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "xorg-x11-xtrans-devel-0:1.3.4-1.el6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-2064\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-2064\nhttp://www.x.org/wiki/Development/Security/Advisory-2013-05-23" ], "name" : "CVE-2013-2064", "csaw" : false }