suse · CVE-2013-2004

Quick triage

Priority: medium Published: 2021-05-30 13:11:17 UTC Updated: 2026-04-18 18:58:41 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2013-2004 severity moderate: SUSE including 61 source package names (libX11-6-1.6.2-11.1, libX11-6-1.6.2-12.5.1, …), 145 product×package rows across 41 product lines (SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Desktop 11 SP3, … (41 product lines)): Fixed 145.

Description:

The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.

cvelogic Threat Intelligence