QwikSec

Security Database

CVE

CWE

Training

CVE-2013-2004

Published: Jun 15, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries

mailing-list

x_refsource_MLIST

http://www.x.org/wiki/Development/Security/Advisory-2013-05-23

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.