CentOS Update For Xorg-x11-server-common CESA-2013:1426 Centos6 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2013-4396) Red Hat would like to thank the X.Org security team for reporting this issue. Upstream acknowledges Pedro Ribeiro as the original reporter. All xorg-x11-server users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Affected

xorg-x11-server-common on CentOS 6

References

http://lists.centos.org/pipermail/centos-announce/2013-October/019973.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-4396
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0308 (cups)
CentOS Security Advisory CESA-2009:1535 (pidgin)
CentOS Update for acpid CESA-2009:1642 centos5 i386
CentOS Security Advisory CESA-2009:1428 (xmlsec1)
CentOS Security Advisory CESA-2009:0436 (firefox)

CentOS Update for xorg-x11-server-common CESA-2013:1426 centos6

Take action and discover your vulnerabilities