CVE-2013-1983
libxfixes - several
EPSS 0.91%
Description
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
How to fix CVE-2013-1983
To remediate CVE-2013-1983, upgrade the affected package to a fixed version below.
- Debian/libxfixes—upgrade to 1:5.0-4+deb7u1 or later
- Debian/libxfixes—upgrade to 1:4.0.5-1+squeeze1 or later
Is CVE-2013-1983 being exploited?
Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1:5.0-4+deb7u1
- from 0, < 1:4.0.5-1+squeeze1