| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary code execution |
|
| Description |
| + |
In the X.Org X server on v.1.19.3, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. |
|
| References |
| + |
https://bugzilla.suse.com/show_bug.cgi?id=1035283 |
| + |
https://cgit.freedesktop.org/xorg/xserver/commit/?id=215f894965df5fb0bb45b107d84524e700d2073c |
| + |
https://cgit.freedesktop.org/xorg/xserver/commit/?id=8caed4df36b1f802b4992edcfd282cbeeec35d9d |
| + |
https://cgit.freedesktop.org/xorg/xserver/commit/?id=ba336b24052122b136486961c82deac76bbde455 |
|
| Notes |
| + |
Setting these as remote because I think they are exploitable under x-forwarding. |
|