6.8 - USN-1867-1

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	libxv vulnerabilities

Informations
Name	USN-1867-1	First vendor Publication	2013-06-05
Vendor	Ubuntu	Last vendor Modification	2013-06-05
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in libxv.

Software Description: - libxv: X11 Video extension library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 13.04:
libxv1 2:1.0.7-1ubuntu0.13.04.1

Ubuntu 12.10:
libxv1 2:1.0.7-1ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libxv1 2:1.0.6-2ubuntu0.1

After a standard system update you need to restart your session to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1867-1
CVE-2013-1989, CVE-2013-2066

Package Information:
https://launchpad.net/ubuntu/+source/libxv/2:1.0.7-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxv/2:1.0.7-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxv/2:1.0.6-2ubuntu0.1

Original Source

Url : http://www.ubuntu.com/usn/USN-1867-1

CWE : Common Weakness Enumeration

%	Id	Name
50 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
50 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16397

Oval ID:	oval:org.mitre.oval:def:16397
Title:	USN-1867-1 -- libxv vulnerabilities
Description:	Several security issues were fixed in libxv.
Family:	unix	Class:	patch
Reference(s):	usn-1867-1 CVE-2013-1989 CVE-2013-2066	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	libxv
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND libxv1 DPKG is earlier than 2:1.0.7-1ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND libxv1 DPKG is earlier than 2:1.0.7-1ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND libxv1 DPKG is earlier than 2:1.0.6-2ubuntu0.1

Definition Id: oval:org.mitre.oval:def:20047

Oval ID:	oval:org.mitre.oval:def:20047
Title:	DSA-2674-1 libxv - several
Description:	Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
Family:	unix	Class:	patch
Reference(s):	DSA-2674-1 CVE-2013-1989 CVE-2013-2066	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	libxv
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxv DPKG is earlier than 2:1.0.5-1+squeeze1 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND libxv DPKG is earlier than 2:1.0.7-1+deb7u1

Definition Id: oval:org.mitre.oval:def:25861

Oval ID:	oval:org.mitre.oval:def:25861
Title:	SUSE-SU-2013:1104-2 -- Security update for xorg-x11-libXv
Description:	This update of xorg-x11-libXv fixes several integer and buffer overflow issues. Bug 815451/821671 CVE-2013-1989/CVE-2013-2066 Security Issues: * CVE-2013-1989 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989 > * CVE-2013-2066 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1104-2 CVE-2013-1989 CVE-2013-2066	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXv
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXv RPM is earlier than 0:7.4-1.16.2 AND xorg-x11-libXv-32bit RPM is earlier than 0:7.4-1.16.2

Definition Id: oval:org.mitre.oval:def:25897

Oval ID:	oval:org.mitre.oval:def:25897
Title:	SUSE-SU-2013:1104-1 -- Security update for xorg-x11-libXv
Description:	This update of xorg-x11-libXv fixes several integer and buffer overflow issues (bnc#815451, bnc#821671, CVE-2013-1989, CVE-2013-2066).
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1104-1 CVE-2013-1989 CVE-2013-2066	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	xorg-x11-libXv
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section xorg-x11-libXv RPM is earlier than 0:7.4-1.16.1 AND xorg-x11-libXv-32bit RPM is earlier than 0:7.4-1.16.1 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed AND xorg-x11-libXv-devel RPM is earlier than 0:7.4-1.16.1

Definition Id: oval:org.mitre.oval:def:25916

Oval ID:	oval:org.mitre.oval:def:25916
Title:	SUSE-SU-2013:1183-1 -- Security update for xorg-x11
Description:	This update of xorg-x11 fixes several security vulnerabilities. * Bug 815451- X.Org Security Advisory: May 23, 2013 * Bug 821664 - libX11 * Bug 821671 - libXv * Bug 821670 - libXt * Bug 821669 - libXrender * Bug 821668 - libXp * Bug 821667 - libXfixes * Bug 821665 - libXext * Bug 821663 - libFS, libXcursor, libXi, libXinerama, libXRes, libXtst, libXvMC, libXxf86dga, libXxf86vm, libdmx
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1183-1 CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2063 CVE-2013-2066	Version:	5
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	xorg-x11
Definition Synopsis:
SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section xorg-x11 RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-Xnest RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-Xvfb RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-Xvnc RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-devel RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-100dpi RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-75dpi RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-cyrillic RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-scalable RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-fonts-syriac RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-libs RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-man RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-server RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-server-glx RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-devel-32bit RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-libs-32bit RPM is earlier than 0:6.9.0-50.84.4 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section xorg-x11-doc RPM is earlier than 0:6.9.0-50.84.4 AND xorg-x11-sdk RPM is earlier than 0:6.9.0-50.84.4

Definition Id: oval:org.mitre.oval:def:26059

Oval ID:	oval:org.mitre.oval:def:26059
Title:	SUSE-SU-2014:0882-1 -- Security update for xorg-x11-libXv
Description:	This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update of xorg-x11-libXv, fixing security issues and some bugs.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0882-1 CVE-2013-1989 CVE-2013-2066	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	xorg-x11-libXv
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section xorg-x11-libXv RPM is earlier than 0:7.4-1.16.8 AND xorg-x11-libXv-32bit RPM is earlier than 0:7.4-1.16.8

Definition Id: oval:org.mitre.oval:def:26759

Oval ID:	oval:org.mitre.oval:def:26759
Title:	RHSA-2014:1436: X11 client libraries security, bug fix, and enhancement update (Moderate)
Description:	The X11 (Xorg) libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially escalate their privileges on the system. (CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-2003, CVE-2013-2062, CVE-2013-2064) Multiple array index errors, leading to heap-based buffer out-of-bounds write flaws, were found in the way various X11 client libraries handled data returned from an X11 server. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2066) A buffer overflow flaw was found in the way the XListInputDevices() function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1995) A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-2005) Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file. (CVE-2013-2004) The xkeyboard-config package has been upgraded to upstream version 2.11, which provides a number of bug fixes and enhancements over the previous version. (BZ#1077471) This update also fixes the following bugs: * Previously, updating the mesa-libGL package did not update the libX11 package, although it was listed as a dependency of mesa-libGL. This bug has been fixed and updating mesa-libGL now updates all dependent packages as expected. (BZ#1054614) * Previously, closing a customer application could occasionally cause the X Server to terminate unexpectedly. After this update, the X Server no longer hangs when a user closes a customer application. (BZ#971626) All X11 client libraries users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1436-01 CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1995 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2064 CVE-2013-2066 CESA-2014:1436-CentOS 6	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	libX11 libXcursor libXext libXfixes libXi libXinerama libXp libXrandr libXrender libXres libXt libXtst libXv libXvMC libXxf86dga libXxf86vm libdmx libxcb xcb-proto xkeyboard-config xorg-x11-proto-devel xorg-x11-xtrans-devel
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section libX11 is earlier than 0:1.6.0-2.2.el6 AND libX11-common is earlier than 0:1.6.0-2.2.el6 AND libX11-devel is earlier than 0:1.6.0-2.2.el6 AND libXcursor is earlier than 0:1.1.14-2.1.el6 AND libXcursor-devel is earlier than 0:1.1.14-2.1.el6 AND libXext is earlier than 0:1.3.2-2.1.el6 AND libXext-devel is earlier than 0:1.3.2-2.1.el6 AND libXfixes is earlier than 0:5.0.1-2.1.el6 AND libXfixes-devel is earlier than 0:5.0.1-2.1.el6 AND libXi is earlier than 0:1.7.2-2.2.el6 AND libXi-devel is earlier than 0:1.7.2-2.2.el6 AND libXinerama is earlier than 0:1.1.3-2.1.el6 AND libXinerama-devel is earlier than 0:1.1.3-2.1.el6 AND libXp is earlier than 0:1.0.2-2.1.el6 AND libXp-devel is earlier than 0:1.0.2-2.1.el6 AND libXrandr is earlier than 0:1.4.1-2.1.el6 AND libXrandr-devel is earlier than 0:1.4.1-2.1.el6 AND libXrender is earlier than 0:0.9.8-2.1.el6 AND libXrender-devel is earlier than 0:0.9.8-2.1.el6 AND libXres is earlier than 0:1.0.7-2.1.el6 AND libXres-devel is earlier than 0:1.0.7-2.1.el6 AND libXt is earlier than 0:1.1.4-6.1.el6 AND libXt-devel is earlier than 0:1.1.4-6.1.el6 AND libXtst is earlier than 0:1.2.2-2.1.el6 AND libXtst-devel is earlier than 0:1.2.2-2.1.el6 AND libXv is earlier than 0:1.0.9-2.1.el6 AND libXv-devel is earlier than 0:1.0.9-2.1.el6 AND libXvMC is earlier than 0:1.0.8-2.1.el6 AND libXvMC-devel is earlier than 0:1.0.8-2.1.el6 AND libXxf86dga is earlier than 0:1.1.4-2.1.el6 AND libXxf86dga-devel is earlier than 0:1.1.4-2.1.el6 AND libXxf86vm is earlier than 0:1.1.3-2.1.el6 AND libXxf86vm-devel is earlier than 0:1.1.3-2.1.el6 AND libdmx is earlier than 0:1.1.3-3.el6 AND libdmx-devel is earlier than 0:1.1.3-3.el6 AND libxcb is earlier than 0:1.9.1-2.el6 AND libxcb-devel is earlier than 0:1.9.1-2.el6 AND libxcb-doc is earlier than 0:1.9.1-2.el6 AND libxcb-python is earlier than 0:1.9.1-2.el6 AND xcb-proto is earlier than 0:1.8-3.el6 AND xkeyboard-config is earlier than 0:2.11-1.el6 AND xkeyboard-config-devel is earlier than 0:2.11-1.el6 AND xorg-x11-proto-devel is earlier than 0:7.7-9.el6 AND xorg-x11-xtrans-devel is earlier than 0:1.3.4-1.el6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section libX11-debuginfo is earlier than 0:1.6.0-2.2.el6 AND libXcursor-debuginfo is earlier than 0:1.1.14-2.1.el6 AND libXext-debuginfo is earlier than 0:1.3.2-2.1.el6 AND libXfixes-debuginfo is earlier than 0:5.0.1-2.1.el6 AND libXi-debuginfo is earlier than 0:1.7.2-2.2.el6 AND libXinerama-debuginfo is earlier than 0:1.1.3-2.1.el6 AND libXp-debuginfo is earlier than 0:1.0.2-2.1.el6 AND libXrandr-debuginfo is earlier than 0:1.4.1-2.1.el6 AND libXrender-debuginfo is earlier than 0:0.9.8-2.1.el6 AND libXres-debuginfo is earlier than 0:1.0.7-2.1.el6 AND libXt-debuginfo is earlier than 0:1.1.4-6.1.el6 AND libXtst-debuginfo is earlier than 0:1.2.2-2.1.el6 AND libXv-debuginfo is earlier than 0:1.0.9-2.1.el6 AND libXvMC-debuginfo is earlier than 0:1.0.8-2.1.el6 AND libXxf86dga-debuginfo is earlier than 0:1.1.4-2.1.el6 AND libXxf86vm-debuginfo is earlier than 0:1.1.3-2.1.el6 AND libdmx-debuginfo is earlier than 0:1.1.3-3.el6 AND libxcb-debuginfo is earlier than 0:1.9.1-2.el6

CPE : Common Platform Enumeration

Type	Description	Count
Application	X Libxv cpe:2.3:a:x:libxv:1.0.6:::::::* cpe:2.3:a:x:libxv:1.0.5:::::::* cpe:2.3:a:x:libxv:1.0.4:::::::* cpe:2.3:a:x:libxv:1.0.3:::::::* cpe:2.3:a:x:libxv:1.0.2:::::::*	5
Application	X.Org Libxv cpe:2.3:a:x.org:libxv:1.0.7:::::::* cpe:2.3:a:x.org:libxv:1.0.6:::::::* cpe:2.3:a:x.org:libxv:1.0.5:::::::* cpe:2.3:a:x.org:libxv:1.0.4:::::::* cpe:2.3:a:x.org:libxv:1.0.3:::::::* cpe:2.3:a:x.org:libxv:1.0.2:::::::*	6

Nessus® Vulnerability Scanner

Date	Description
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_xorg_20130924.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-452.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1436.nasl - Type : ACT_GATHER_INFO
2014-11-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_X11_client_libraries_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1436.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-491.nasl - Type : ACT_GATHER_INFO
2014-05-16	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201405-07.nasl - Type : ACT_GATHER_INFO
2013-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXv-130612.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-11734.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Fedora host is missing a security update. File : fedora_2013-9188.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-libXv-130604.nasl - Type : ACT_GATHER_INFO
2013-06-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1867-1.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2eebebffcd3b11e28f09001b38c3836c.nasl - Type : ACT_GATHER_INFO
2013-05-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-9066.nasl - Type : ACT_GATHER_INFO
2013-05-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2674.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 12:02:06	Multiple Updates
2013-06-17 21:21:30	Multiple Updates
2013-06-16 13:21:21	Multiple Updates
2013-06-16 00:21:29	Multiple Updates
2013-06-05 21:19:24	First insertion

Global Informations

Type	Count
CWE ID(s)	2
Oval ID(s)	7
CPE ID(s)	11
Nessus® Exploit(s)	15

	Related
6.8	CVE-2013-2066
6.8	CVE-2013-1989
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)

6.8 - USN-1867-1

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU