It was found that when receiving a response from the server protocol data is not validated sufficiently. A check is needed if enough bytes were received for specified image type and geometry. Otherwise GetPixel and other functions could trigger an out of boundary read.
Created libX11 tracking bugs for this issue:
Affects: fedora-all [bug 1381863]