CVE-2013-2005
Description
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
Risk Information
Base Score
5.6
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.679
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| X11 toolkit intrinsics library (USN-1865-1) libxt6_1.1.1-2ubuntu0.1_i386.deb | Linux |
| X11 toolkit intrinsics library (USN-1865-1) libxt6_1.1.1-2ubuntu0.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234