CVE-2016-7949: libXrender: Insufficient validation of server responses results in overflow of previously reserved memory

Severity: Critical

CVSS Score: 9.8

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.