Vulnerability CVE-2014-8097: Information

Description

The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function.

Severity: MEDIUM (6.5)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-8097

Published: Dec. 10, 2014

Modified: Feb. 13, 2023

Error type identifier: CWE-119

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
xorg-server	sisyphus	1.16.2.901-alt1	21.1.13-alt1	ALT-PU-2014-2434-1	136217	Fixed
xorg-server	p10	1.16.2.901-alt1	1.20.14-alt13	ALT-PU-2014-2434-1	136217	Fixed
xorg-server	p9	1.16.2.901-alt1	1.20.8-alt12	ALT-PU-2014-2434-1	136217	Fixed
xorg-server	c10f1	1.16.2.901-alt1	1.20.14-alt12	ALT-PU-2014-2434-1	136217	Fixed
xorg-server	c9f2	1.16.2.901-alt1	1.20.8-alt12	ALT-PU-2014-2434-1	136217	Fixed
xorg-server	c7	1.14.5-alt3.M70C.4	1.14.5-alt3.M70C.4	ALT-PU-2017-2473-1	191181	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/	Patch Vendor Advisory
62292
DSA-3095
http://advisories.mageia.org/MGASA-2014-0532.html
MDVSA-2015:119
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
GLSA-201504-06
71604
61947

Affected configurations:
1. Configuration 1
  cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*
  End including
  1.16.2.99.901
  
  Configuration 2
  cpe:2.3:a:x.org:x11:6.1:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2014-8097: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2