oval:org.mitre.oval:def:25467

Definition Id: oval:org.mitre.oval:def:25467
 
Oval ID: oval:org.mitre.oval:def:25467
Title: SUSE-SU-2014:0744-1 -- Security update for xorg-x11-server
Description: This is a SLES 11 SP1 LTSS rollup update for the X.Org Server package. The following security issues have been fixed: * CVE-2013-6424: Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allowed context-dependent attackers to cause a denial of service (crash) via a negative bottom value. * CVE-2013-4396: Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allowed remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. * CVE-2013-1940: X.Org X server did not properly restrict access to input events when adding a new hot-plug device, which might have allowed physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0744-1
CVE-2013-6424
CVE-2013-4396
CVE-2013-1940
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): xorg-x11-server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17270
 
Oval ID: oval:org.mitre.oval:def:17270
Title: SUSE Linux Enterprise Server 11.x is installed
Description: SUSE Linux Enterprise Server 11.x is installed.
Family: unix Class: inventory
Reference(s): cpe:/o:novell:suse_linux:11::server
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:25467