{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-10-08T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "openSUSE-SU-2013:1610", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html"}, {"name": "RHSA-2013:1426", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1426.html"}, {"name": "openSUSE-SU-2013:1614", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html"}, {"name": "DSA-2784", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2784"}, {"name": "USN-1990-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1990-1"}, {"name": "62892", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/62892"}, {"name": "[oss-security] 20131008 Fwd: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2013/10/08/6"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561"}, {"name": "[xorg-announce] 20131008 X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.x.org/archives/xorg-announce/2013-October/002332.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4396", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2013:1610", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html"}, {"name": "RHSA-2013:1426", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1426.html"}, {"name": "openSUSE-SU-2013:1614", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html"}, {"name": "DSA-2784", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2784"}, {"name": "USN-1990-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1990-1"}, {"name": "62892", "refsource": "BID", "url": "http://www.securityfocus.com/bid/62892"}, {"name": "[oss-security] 20131008 Fwd: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2013/10/08/6"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561"}, {"name": "[xorg-announce] 20131008 X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests", "refsource": "MLIST", "url": "http://lists.x.org/archives/xorg-announce/2013-October/002332.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:45:12.730Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2013:1610", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html"}, {"name": "RHSA-2013:1426", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1426.html"}, {"name": "openSUSE-SU-2013:1614", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html"}, {"name": "DSA-2784", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2013/dsa-2784"}, {"name": "USN-1990-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1990-1"}, {"name": "62892", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/62892"}, {"name": "[oss-security] 20131008 Fwd: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2013/10/08/6"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561"}, {"name": "[xorg-announce] 20131008 X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.x.org/archives/xorg-announce/2013-October/002332.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4396", "datePublished": "2013-10-10T10:00:00", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2024-08-06T16:45:12.730Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:x:x.org_x11:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "65F124DB-D9B5-4470-AAB9-24DF998D01A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CD09288-DCC6-4C43-B31C-8056AB319F1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "938CB0B0-FF9E-418B-93F6-3AC17A5D0D53", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "26097D33-E3CF-4F5D-A4B0-B3EF384A15CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA8AEBCE-AD1B-4FE8-A3BA-228D0E5CD1F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "ACB34DA6-F07C-4AB4-8356-0CA500A5E609", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "AABE653B-D60C-4DAE-8C59-640CCA8E29E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "A376D24F-C30B-4588-8727-6F4C79257D4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "31D33FE0-4A26-419F-8BDC-F4D6FEDE340B", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "5A1134B7-C534-4A92-B83F-54CDF99434A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:6.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "08C160D7-A821-41D9-B5B5-66F119543FA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "09B4D961-C351-483B-B769-ECE98E28A3C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B93FCD1-0E9D-4BD9-A939-A1D13A06FDB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "C01EC0B7-8B16-46D1-BC45-126BC56F7337", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F03B0C6D-1709-4EDA-8EC9-5ACA30BF4806", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "A1ED2589-35D2-4F61-8E08-808E36F6D64C", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D39DF9B-2EE4-446E-956C-46D090D93DE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.5:rc1:*:*:*:*:*:*", "matchCriteriaId": "7659F139-6C75-4BAE-91B5-BE9C69B0606B", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "2F862B02-1BA8-4664-9A76-134D89DCA2E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "685174BE-2C3F-4F64-93E7-74F9FF402D63", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "CF505976-A4BD-46CC-8080-B04FA107E336", "vulnerable": true}, {"criteria": "cpe:2.3:a:x:x.org_x11:7.7:rc1:*:*:*:*:*:*", "matchCriteriaId": "3E729807-0253-4B31-A9C2-B7FBB8954BD9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n dolmageText en dix/dixfonts.c del m\u00f3dulo xorg-server anterior a la versi\u00f3n 1.14.4 en X.Org X11 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (cuelgue del demonio) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una petici\u00f3n ImageText manipulada que provoque un fallo de reubicaci\u00f3n de memoria."}], "evaluatorComment": "Per:  https://bugzilla.redhat.com/show_bug.cgi?id=1014561\n\n\"' A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges.'", "id": "CVE-2013-4396", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-10-10T10:55:06.473", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://lists.x.org/archives/xorg-announce/2013-October/002332.html"}, {"source": "secalert@redhat.com", "url": "http://openwall.com/lists/oss-security/2013/10/08/6"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-1426.html"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2013/dsa-2784"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/62892"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1990-1"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.x.org/archives/xorg-announce/2013-October/002332.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2013/10/08/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-1426.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2013/dsa-2784"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/62892"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1990-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank X.Org security team for reporting this issue. Upstream acknowledges Pedro Ribeiro as the original reporter.", "affected_release": [{"advisory": "RHSA-2013:1426", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "xorg-x11-server-0:1.1.1-48.101.el5_10.1", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2013-10-15T00:00:00Z"}, {"advisory": "RHSA-2013:1426", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "xorg-x11-server-0:1.13.0-11.1.el6_4.2", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-10-15T00:00:00Z"}], "bugzilla": {"description": "xorg-x11-server: use-after-free flaw when handling ImageText requests", "id": "1014561", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014561"}, "csaw": false, "cvss": {"cvss_base_score": "7.4", "cvss_scoring_vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "status": "verified"}, "cwe": "CWE-416", "details": ["Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure."], "name": "CVE-2013-4396", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "xorg-x11-server", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2013-10-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-4396\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4396"], "threat_severity": "Important"}