OpenCVE

The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
X	X.org X11
Xfree86	Xfree86

Configuration 1 [-]

OR	cpe:2.3:a:x:x.org_x11:6.0:::::::*
	cpe:2.3:a:x:x.org_x11:6.1:::::::*
	cpe:2.3:a:x:x.org_x11:6.3:::::::*
	cpe:2.3:a:x:x.org_x11:6.4:::::::*
	cpe:2.3:a:x:x.org_x11:6.5.1:::::::*
	cpe:2.3:a:x:x.org_x11:6.6:::::::*

Configuration 2 [-]

cpe:2.3:a:xfree86:xfree86:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://invisible-island.net/ansification/ansify-xfs-cve.html
http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html
http://marc.info/?l=bugtraq&m=135765511704334&w=2
http://twitter.com/bsdaemon/status/228958599790071809
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of
https://bugzilla.redhat.com/show_bug.cgi?id=842841
https://nvd.nist.gov/vuln/detail/CVE-2012-1699
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369
https://www.cve.org/CVERecord?id=CVE-2012-1699

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-12-21T02:00:00

Updated: 2024-08-06T19:08:38.483Z

Reserved: 2012-03-16T00:00:00

Link: CVE-2012-1699

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-12-21T05:46:15.493

Modified: 2017-09-19T01:34:47.323

Link: CVE-2012-1699

Redhat

Severity : Low

Publid Date: 2012-07-24T00:00:00Z

Links: CVE-2012-1699 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-07-24T00:00:00", "descriptions": [{"lang": "en", "value": "The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "oval:org.mitre.oval:def:19369", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"}, {"tags": ["x_refsource_MISC"], "url": "http://twitter.com/bsdaemon/status/228958599790071809"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"}, {"name": "HPSBUX02829", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"name": "SSRT100883", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"}, {"name": "[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86\t3.3.3", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"}, {"tags": ["x_refsource_MISC"], "url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2012-1699", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:19369", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"}, {"name": "http://twitter.com/bsdaemon/status/228958599790071809", "refsource": "MISC", "url": "http://twitter.com/bsdaemon/status/228958599790071809"}, {"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of", "refsource": "CONFIRM", "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"}, {"name": "HPSBUX02829", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"name": "SSRT100883", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=842841", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"}, {"name": "[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86\t3.3.3", "refsource": "MLIST", "url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"}, {"name": "http://invisible-island.net/ansification/ansify-xfs-cve.html", "refsource": "MISC", "url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:08:38.483Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:19369", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://twitter.com/bsdaemon/status/228958599790071809"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"}, {"name": "HPSBUX02829", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"name": "SSRT100883", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"}, {"name": "[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86\t3.3.3", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2012-1699", "datePublished": "2012-12-21T02:00:00", "dateReserved": "2012-03-16T00:00:00", "dateUpdated": "2024-08-06T19:08:38.483Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:x:x.org_x11:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "65F124DB-D9B5-4470-AAB9-24DF998D01A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CD09288-DCC6-4C43-B31C-8056AB319F1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "938CB0B0-FF9E-418B-93F6-3AC17A5D0D53", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "26097D33-E3CF-4F5D-A4B0-B3EF384A15CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA8AEBCE-AD1B-4FE8-A3BA-228D0E5CD1F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "ACB34DA6-F07C-4AB4-8356-0CA500A5E609", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xfree86:xfree86:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD050455-8E7E-4BCF-A4AC-60A509762F39", "versionEndIncluding": "3.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference."}, {"lang": "es", "value": "La funci\u00f3n ProcSetEventMask en DEFI/events.c en el servidor de fuentes xfs para X.Org X11R6.6 y X11R6 hasta XFree86 antes de 3.3.3 llama a la funci\u00f3n SendErrToClient con un valor de m\u00e1scara en lugar de un puntero, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda) u obtener informaci\u00f3n sensible de la memoria a trav\u00e9s de una solicitud SetEventMask que dispara una desreferencia de puntero no v\u00e1lido."}], "id": "CVE-2012-1699", "lastModified": "2017-09-19T01:34:47.323", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-12-21T05:46:15.493", "references": [{"source": "secalert_us@oracle.com", "url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"}, {"source": "secalert_us@oracle.com", "url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"}, {"source": "secalert_us@oracle.com", "url": "http://marc.info/?l=bugtraq&m=135765511704334&w=2"}, {"source": "secalert_us@oracle.com", "url": "http://twitter.com/bsdaemon/status/228958599790071809"}, {"source": "secalert_us@oracle.com", "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"}, {"source": "secalert_us@oracle.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"}, {"source": "secalert_us@oracle.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}