Vulnerability Details: CVE-2012-1699
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
Vulnerability category: Overflow, Memory Corruption, Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2012-1699
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 %
CVSS scores for CVE-2012-1699
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.6 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:P | 3.9 | 4.9 | NIST |
CWE ids for CVE-2012-1699
- The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-1699
- http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html
  X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86 3.3.3
- https://bugzilla.redhat.com/show_bug.cgi?id=842841
  842841 – (CVE-2012-1699) CVE-2012-1699 xorg-x11: DoS and information leak in xfs prior to X11R6.7
- http://marc.info/?l=bugtraq&m=135765511704334&w=2
  '[security bulletin] HPSBUX02829 SSRT100883 rev.1 - HP-UX Running X Font Server (xfs) Software, Local' - MARC
- https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of
  CVE-2012-1699 Denial of Service (DoS) vulnerability in X.Org | Oracle Third Party Vulnerability Resolution Blog
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369
  Repository / Oval Repository
- http://invisible-island.net/ansification/ansify-xfs-cve.html
  ANSI-fication revisited for CVE-2012-1699
- http://twitter.com/bsdaemon/status/228958599790071809
  Rodrigo Branco on Twitter: "CVE-2012-1699 finally released by Oracle. Solaris 9 http://t.co/96ysMsHm full memleak"
Products affected by CVE-2012-1699
- cpe:2.3:a:x:x.org_x11:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:x:x.org_x11:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:xfree86:xfree86:*:*:*:*:*:*:*:*