Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2012-1699

EPSS 0.07% · P23
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-1699

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
X.Org ‘ProcSetEventMask’函数缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
X.Org是X.Org基金会运作的一个对X Window系统的官方参考实现,是开源的自由软件。 X.Org X11R6至X11R6.6版本和XFree86 3.3.3之前版本中的xfs字体服务器中的difs/events.c中的ProcSetEventMask函数中存在漏洞,该漏洞源于程序使用掩码值而非指针对SendErrToClient函数进行调用。通过SetEventMask请求触发无效的指针引用,本地攻击者利用该漏洞导致拒绝服务(内存破坏和崩溃)或从内存获得潜在的敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2012-1699

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2012-1699

登录查看更多情报信息。

Same Patch Batch · n/a · 2012-12-21 · 20 CVEs total

CVE-2012-5517Linux Kernel 空指针引用本地拒绝服务漏洞
CVE-2012-3482Fetchmail 拒绝服务漏洞
CVE-2012-3133Oracle多款产品DataDirect ODBC驱动程序缓冲区溢出漏洞
CVE-2012-1714Oracle Hyperion Financial Management TList 6 ActiveX控件未明安全漏洞
CVE-2012-1712Oracle Sun GlassFish Web Space Server Liferay组件路径遍历漏洞
CVE-2012-0882Oracle MySQL 缓冲区错误漏洞
CVE-2012-0841libxml2 资源管理错误漏洞
CVE-2011-2728Perl "File::Glob::bsd_glob()"函数任意代码执行漏洞
CVE-2010-2387GNOME Display Manager 信任管理漏洞
CVE-2012-5954IBM Tivoli Storage Manager for Space Management 安全漏洞
CVE-2012-5181concrete5 Japanese/English 跨站脚本漏洞
CVE-2012-4859IBM Tivoli Storage Manager for Space Management 本地未授权访问漏洞
CVE-2012-4565Linux Kernel ‘tcp_illinois_info()’本地拒绝服务漏洞
CVE-2012-4508Linux Kernel ‘ext4_convert_unwritten_exten()’函数本地信息泄露漏洞
CVE-2012-4444Linux Kernel IPv6 远程安全绕过漏洞
CVE-2012-3002多家厂商网络摄像机产品远程身份验证绕过漏洞
CVE-2012-0957Linux Kernel‘uname()’内核内存泄露漏洞
CVE-2012-6325VMware vCenter Server Appliance 任意文件读取漏洞
CVE-2012-6324VMware vCenter Server Appliance 目录遍历漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2012-1699

No comments yet

Leave a comment