ByteOS Network

NVD Vulnerability Details :

CVE-2014-8092

Deferred

Source-secalert@redhat.com

Published At-10 Dec, 2014 | 15:59

Updated At-29 Aug, 2025 | 13:42

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 6.5

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

X.Org Foundation

>>x11>>1.0

cpe:2.3:a:x.org:x11:1.0:*:*:*:*:*:*:*

X.Org Foundation

>>x_server>>Versions up to 1.16.2.99.901(inclusive)

cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

Evaluator Description

CWE-190: Integer Overflow or Wraparound

References

Hyperlink	Source	Resource
http://advisories.mageia.org/MGASA-2014-0532.html	secalert@redhat.com	N/A
http://secunia.com/advisories/61947	secalert@redhat.com	N/A
http://secunia.com/advisories/62292	secalert@redhat.com	N/A
http://www.debian.org/security/2014/dsa-3095	secalert@redhat.com	N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2015:119	secalert@redhat.com	N/A
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	secalert@redhat.com	N/A
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html	secalert@redhat.com	N/A
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	secalert@redhat.com	N/A
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	secalert@redhat.com	Vendor Advisory
http://www.securityfocus.com/bid/71595	secalert@redhat.com	N/A
http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/	secalert@redhat.com	Patch Vendor Advisory
https://security.gentoo.org/glsa/201504-06	secalert@redhat.com	N/A
http://advisories.mageia.org/MGASA-2014-0532.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/61947	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/62292	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.debian.org/security/2014/dsa-3095	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2015:119	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.securityfocus.com/bid/71595	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://security.gentoo.org/glsa/201504-06	af854a3a-2127-422b-91ae-364da2661108	N/A