suse · CVE-2013-2005

Quick triage

Priority: medium Published: 2021-05-30 13:11:17 UTC Updated: 2026-04-18 18:58:41 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2013-2005 severity moderate: SUSE including 27 source package names (libXt-devel-1.1.4-3.59, libXt-devel-1.1.5-1.19, …), 99 product×package rows across 55 product lines (SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Desktop 11 SP3, … (55 product lines)): Fixed 99.

Description:

X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.

cvelogic Threat Intelligence