← Back

CVE-2013-4396

nvd nist
Published: Oct 10, 2013Modified: Apr 29, 2026

JSON object

Loading...
6.5
Vector
AV:N/AC:L/Au:S/C:P/I:P/A:P
Exploitability: 8.0 / Impact: 6.4
Source: NVD

Description

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Affected (22)

Products: X: X.org X11
X
1 product
X.org X11
Configuration A
22 vulnerable
Vulnerable SoftwareAffected Versions
X
X.org X11
Version 6.0
X.org X11
Version 6.1
X.org X11
Version 6.3
X.org X11
Version 6.4
X.org X11
Version 6.5.1
X.org X11
Version 6.6
X.org X11
Version 6.7
X.org X11
Version 6.8.1
X.org X11
Version 6.8.2
X.org X11
Version 6.8
X.org X11
Version 6.9.0
X.org X11
Version 7.0
X.org X11
Version 7.1
X.org X11
Version 7.2
X.org X11
Version 7.3
X.org X11
Version 7.4
X.org X11
Version 7.5
X.org X11
Version 7.5 rc1
X.org X11
Version 7.6
X.org X11
Version 7.6 rc1
X.org X11
Version 7.7
X.org X11
Version 7.7 rc1

Related CWEs

CWE-399
CWE-399

References (18)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.