vulnerability
FreeBSD: VID-6FAA7FEB-D3FA-11EA-9ABA-0C9D925BBBC0 (CVE-2020-14344): libX11 -- Heap corruption in the X input method client in libX11
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Jul 31, 2020 | Aug 2, 2020 | Oct 20, 2020 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Jul 31, 2020
Added
Aug 2, 2020
Modified
Oct 20, 2020
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-6FAA7FEB-D3FA-11EA-9ABA-0C9D925BBBC0:
The X.org project reports:
The X Input Method (XIM) client implementation in libX11 has some
integer overflows and signed/unsigned comparison issues that can
lead to heap corruption when handling malformed messages from an
input method.
Solution
freebsd-upgrade-package-libx11
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.