The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-12-21T02:00:00

Updated: 2024-08-06T19:08:38.483Z

Reserved: 2012-03-16T00:00:00

Link: CVE-2012-1699

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-12-21T05:46:15.493

Modified: 2024-11-21T01:37:29.360

Link: CVE-2012-1699

cve-icon Redhat

Severity : Low

Publid Date: 2012-07-24T00:00:00Z

Links: CVE-2012-1699 - Bugzilla