Launchpad CVE tracker

CVE 2012-2118

Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name.

Related bugs and status

CVE-2012-2118 (Candidate) is related to these bugs:

Bug #996250: input device names used in logging format strings

		In	Importance	Status
996250	input device names used in logging format strings	xorg-server (Ubuntu)	Low	Fix Released
996250	input device names used in logging format strings	xorg-server (Ubuntu Lucid)	Low	Invalid
996250	input device names used in logging format strings	xorg-server (Ubuntu Natty)	Low	Won't Fix
996250	input device names used in logging format strings	xorg-server (Ubuntu Precise)	Low	Fix Released
996250	input device names used in logging format strings	xorg-server (Ubuntu Quantal)	Low	Fix Released
996250	input device names used in logging format strings	xorg-server (Ubuntu Hardy)	Undecided	Won't Fix
996250	input device names used in logging format strings	xorg-server (Ubuntu Oneiric)	Low	Won't Fix

Bug #1023004: xorg crashes when clicking in inkscape work area

Summary				In	Importance	Status
	1023004	xorg crashes when clicking in inkscape work area		xorg-server (Ubuntu)	Undecided	Fix Released
	1023004	xorg crashes when clicking in inkscape work area		Inkscape	High	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-2118

References