OVAL Reference oval:com.ubuntu.precise:def:20131997000

Oval Definition:

oval:com.ubuntu.precise:def:20131997000

Revision Date:	2013-06-15	Version:	1
Title:	CVE-2013-1997 on Ubuntu 12.04 LTS (precise) - medium.
Description:	Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-1997
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND The 'libx11' package in precise was vulnerable but has been fixed (note: '2:1.4.99.1-0ubuntu2.1').