CVE-2017-12180

Improper Input Validation (CWE-20)

Published: Jan 24, 2018 / Updated: 62mo ago

No CVSS yet / EPSS 0.82%

xorg-x11-server before 1.19.5 was missing length validation in the XFree86 VidModeExtension, allowing a malicious X client to crash the X server or possibly execute arbitrary code.

Timeline

First Article

Feedly found the first article mentioning CVE-2017-12180.

Oct 12, 2017 at 7:11 PM / www.phoronix.com

EPSS

EPSS Score was set to: 0.82% (Percentile: 79.9%)

Nov 28, 2023 at 1:04 PM

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (505579)

Jan 10, 2024 at 12:00 AM

Affected Systems

Debian/debian_linux

Patches

cgit.freedesktop.org

Links to MITRE ATT&CK

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

News

redhat_unpatched xorg-x11-server: xorg-x11-server: Unpatched vulnerabilities
Testing Last Updated: 5/11/2024 CVEs: CVE-2022-46343 , CVE-2017-12187 , CVE-2024-0229 , CVE-2020-14360 , CVE-2022-46340 , CVE-2021-4008 , CVE-2017-2624 , CVE-2022-46341 , CVE-2023-6377 , CVE-2022-3551 , CVE-2023-5380 , CVE-2020-25712 , CVE-2024-31081 , CVE-2017-12180 , CVE-2024-0409 , CVE-2023-6816 , CVE-2022-2320 , CVE-2023-6478 , CVE-2017-13723 , CVE-2023-5574 , CVE-2017-10972 , CVE-2024-21886 , CVE-2017-12176 , CVE-2023-1393 , CVE-2017-12184 , CVE-2017-13721 , CVE-2020-14361 , CVE-2022-46342 , CVE-2017-12186 , CVE-2021-4011 , CVE-2022-2319 , CVE-2017-12181 , CVE-2020-14362 , CVE-2020-14347 , CVE-2022-46344 , CVE-2017-12178 , CVE-2017-12185 , CVE-2022-3553 , CVE-2021-4010 , CVE-2024-31083 , CVE-2017-12179 , CVE-2024-0408 , CVE-2017-12183 , CVE-2023-0494 , CVE-2017-10971 , CVE-2021-3472 , CVE-2017-12177 , CVE-2022-4283 , CVE-2024-21885 , CVE-2024-31080 , CVE-2017-12182 , CVE-2020-14346 , CVE-2020-14345 , CVE-2022-3550 , CVE-2023-5367 , CVE-2020-25697 , CVE-2021-4009
1 update. Including a (* Security fix *)!
Sun Feb 20 05:13:20 UTC 2022 patches/packages/expat-2.4.3-x86_64-4_slack14.2.txz: Rebuilt. Fixed security issues that could lead to denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315 (* Security fix *)
Slackware 15.0 x86 stable is released
Article URL: https://mirrors.slackware.com/slackware/slackware-current/ChangeLog.txt#src=feeds&time=1643840542 Comments URL: https://news.ycombinator.com/item?id=30204628 Points: 1 # Comments: 1
slackware64 current changes for Fri, 06 Aug 2021 18:04:01 GMT
a/udisks2-2.9.3-x86_64-1.txz: Upgraded. d/patchelf-0.13-x86_64-1.txz: Upgraded. d/python-pip-21.2.3-x86_64-1.txz: Upgraded. kde/krita-4.4.7-x86_64-1.txz: Upgraded. l/gjs-1.68.2-x86_64-1.txz: Upgraded.