Log

AVG-1188 edited at 31 Jul 2020 15:08:00
Affected
- 7.1.14-6
+ 7.1.14-7
AVG-1200 edited at 31 Jul 2020 15:07:18
Affected
- 6.1.9-6
+ 6.1.9-7
AVG-1204 edited at 31 Jul 2020 15:06:45
Status
- Vulnerable
+ Fixed
Fixed
+ 8.5.57-1
AVG-1205 edited at 31 Jul 2020 15:06:37
Status
- Vulnerable
+ Fixed
Fixed
+ 9.0.37-1
AVG-1207 edited at 31 Jul 2020 15:06:27
Affected
- 5.4.0-1
+ 5.3.5-3
AVG-1210 edited at 31 Jul 2020 15:05:58
Affected
- 7.7.0-1
+ 7.8.0-1
AVG-1212 edited at 31 Jul 2020 15:04:25
Severity
- Unknown
+ High
CVE-2020-14344 edited at 31 Jul 2020 15:04:25
Severity
- Unknown
+ High
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ The X Input Method (XIM) client implementation in libX11 has some integer overflows and signed/unsigned comparison issues that can lead to heap corruption when handling malformed messages from an input method.
References
+ https://lists.x.org/archives/xorg-devel/2020-July/058597.html
Notes
AVG-1212 created at 31 Jul 2020 15:03:52
Packages
+ libx11
Issues
+ CVE-2020-14344
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 1.6.9-7
Fixed
Ticket
Advisory qualified
+ Yes
References
+ https://lists.x.org/archives/xorg-devel/2020-July/058597.html
Notes
CVE-2020-14344 created at 31 Jul 2020 15:03:52
AVG-1211 edited at 31 Jul 2020 15:03:13
Severity
- Unknown
+ Low
CVE-2020-14347 edited at 31 Jul 2020 15:03:13
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Information disclosure
Description
+ Allocation for pixmap data in AllocatePixmap() does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges.
+ This flaw can lead to ASLR bypass, which when combined with other flaws (known/unknown) could lead to lead to privilege elevation in the client.
References
+ https://lists.x.org/archives/xorg-announce/2020-July/003051.html
Notes
AVG-1211 created at 31 Jul 2020 15:02:30
Packages
+ xorg-server
Issues
+ CVE-2020-14347
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 1.20.8-2
Fixed
Ticket
Advisory qualified
+ Yes
References
+ https://lists.x.org/archives/xorg-announce/2020-July/003051.html
Notes
CVE-2020-14347 created at 31 Jul 2020 15:02:30