FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xorg-server -- use-after-free

Affected packages
1.7.0 <= xorg-server < 1.7.7_11
1.12.0 <= xorg-server < 1.12.4_4

Details

VuXML ID 9a57c607-3cab-11e3-b4d9-bcaec565249c
Discovery 2013-10-08
Entry 2013-10-24

Alan Coopersmith reports:

Pedro Ribeiro (pedrib at gmail.com) reported an issue to the X.Org security team in which an authenticated X client can cause an X server to use memory after it was freed, potentially leading to crash and/or memory corruption.

References

CVE Name CVE-2013-4396
URL http://lists.x.org/archives/xorg-announce/2013-October/002332.html