{"id":"MGASA-2013-0317","summary":"Updated x11-server packages fix CVE-2013-4396","details":"Updated x11-server packages fix security vulnerability:\n\nUse-after-free vulnerability in the doImageText function in dix/dixfonts.c in\nthe xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated\nusers to cause a denial of service (daemon crash) or possibly execute arbitrary\ncode via a crafted ImageText request that triggers memory-allocation failure\n(CVE-2013-4396).\n","modified":"2026-04-16T06:24:27.056495200Z","published":"2013-10-25T21:07:07Z","upstream":["CVE-2013-4396"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0317.html"},{"type":"ADVISORY","url":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4396"},{"type":"WEB","url":"http://lists.x.org/archives/xorg-announce/2013-October/002332.html"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2013-1426.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11428"}],"affected":[{"package":{"name":"x11-server","ecosystem":"Mageia:2","purl":"pkg:rpm/mageia/x11-server?arch=source&distro=mageia-2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.11.4-2.4.mga2"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0317.json"}},{"package":{"name":"x11-server","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/x11-server?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.13.4-2.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0317.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}