Uninitialized Pointer and Memory Corruption Vulnerability in X.org libXt

Uninitialized Pointer and Memory Corruption Vulnerability in X.org libXt

CVE-2013-2005 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.

Learn more about our Cis Benchmark Audit For Server Software.