FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1431f2d6-a06e-11e2-b9e0-001636d274f3NVIDIA UNIX driver -- ARGB cursor buffer overflow in "NoScanout" mode

NVIDIA Unix security team reports:

When the NVIDIA driver for the X Window System is operated in "NoScanout" mode, and an X client installs an ARGB cursor that is larger than the expected size (64x64 or 256x256, depending on the driver version), the driver will overflow a buffer. This can cause a denial of service (e.g., an X server segmentation fault), or could be exploited to achieve arbitrary code execution. Because the X server runs as setuid root in many configurations, an attacker could potentially use this vulnerability in those configurations to gain root privileges.


Discovery 2013-03-27
Entry 2013-04-08
nvidia-driver
ge 310.14 lt 310.44

ge 195.22 lt 304.88

CVE-2013-0131
http://nvidia.custhelp.com/app/answers/detail/a_id/3290