CVE-2014-8092 — MEDIUM (6.5)

Q: How severe is CVE-2014-8092?

CVE-2014-8092 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-8092?

Check the references section above for vendor advisories and patch information. Affected products include: X.Org X11, X.Org X Server.

Vulnerability Description

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.

CVSS Score

6.5

MEDIUM

AV:N/AC:L/Au:S/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
X.Org	X11	1.0
X.Org	X Server	<= 1.16.2.99.901

References

FAQ

What is CVE-2014-8092?

CVE-2014-8092 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (cra...

How severe is CVE-2014-8092?

CVE-2014-8092 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-8092?

Check the references section above for vendor advisories and patch information. Affected products include: X.Org X11, X.Org X Server.