CVE-2013-1940 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.1 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:P/I:N/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 30%

Vendor	Product	Version
x	x.org-xserver	𝑥 ≤ 1.13.3
x	x.org-xserver	1.4.0
canonical	ubuntu_linux	11.04
canonical	ubuntu_linux	11.10
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	12.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

xorg-server

bullseye	2:1.20.11-1+deb11u13 fixed
bullseye (security)	2:1.20.11-1+deb11u14 fixed
bookworm	2:21.1.7-3+deb12u7 fixed
bookworm (security)	2:21.1.7-3+deb12u8 fixed
sid	2:21.1.14-1 fixed
trixie	2:21.1.14-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

xorg-server

quantal	Fixed 2:1.13.0-0ubuntu6.2 released
precise	Fixed 2:1.11.4-0ubuntu10.13 released
oneiric	Fixed 2:1.10.4-1ubuntu4.5 released
lucid	Fixed 2:1.7.6-2ubuntu7.12 released
hardy	ignored

xorg-server-lts-quantal

quantal	dne
precise	Fixed 2:1.13.0-0ubuntu6.1~precise3 released
oneiric	dne
lucid	dne
hardy	dne

Common Weakness Enumeration

CWE-264 -

References

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102391.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104089.html

http://lists.opensuse.org/opensuse-updates/2013-06/msg00015.html

http://www.debian.org/security/2013/dsa-2661

http://www.openwall.com/lists/oss-security/2013/04/18/3

http://www.ubuntu.com/usn/USN-1803-1

https://bugs.freedesktop.org/show_bug.cgi?id=63353

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102391.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104089.html

http://lists.opensuse.org/opensuse-updates/2013-06/msg00015.html

http://www.debian.org/security/2013/dsa-2661

http://www.openwall.com/lists/oss-security/2013/04/18/3

http://www.ubuntu.com/usn/USN-1803-1

https://bugs.freedesktop.org/show_bug.cgi?id=63353