Buffer overflow in X.org X_server

CVE-2014-8103

X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index va…

Vulnerability class: Buffer Overflow

EPSS: 0.018 (83.1th percentile) — read the EPSS interpretation.

Affected products

X.org X_server — versions 1.15.0, 1.15.0.901, 1.15.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
GLSA-201504-06 (vendor-advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_CONFIRM)
61947 (x_refsource_SECUNIA, third-party-advisory)