Buffer overflow in X.org X11

CVE-2014-8099

The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write)…

Vulnerability class: Buffer Overflow

EPSS: 0.013 (80.4th percentile) — read the EPSS interpretation.

Affected products

X.org X11 — versions 6.7
X.org Xfree86 — versions 4.0
X.org X_server
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

DSA-3095 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)
GLSA-201504-06 (vendor-advisory, x_refsource_GENTOO)
62292 (x_refsource_SECUNIA, third-party-advisory)
71600 (vdb-entry, x_refsource_BID)
MDVSA-2015:119 (vendor-advisory, x_refsource_MANDRIVA)
secalert@redhat.com (x_refsource_CONFIRM)
61947 (x_refsource_SECUNIA, third-party-advisory)