Computer Security
[EN] securityvulns.ru no-pyccku


X.org / XFree68 multiple integer overflows
updated since 09.01.2007
Published:10.01.2007
Source:
SecurityVulns ID:7024
Type:local
Threat Level:
6/10
Description:Integer overflow in DBE and Renderer extensions.
Affected:XFREE : XFree86 4.3
 XFREE : XFree86 4.6
 X.ORG : X.org 6.8
 XFREE : XFree86 4.5
 XFREE : XFree86 4.4
CVE:CVE-2006-6103 (Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.)
 CVE-2006-6102 (Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.)
 CVE-2006-6101 (Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability (10.01.2007)
 documentIDEFENSE, iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability (10.01.2007)
 documentIDEFENSE, iDefense Security Advisory 01.09.07: Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability (10.01.2007)
 documentUBUNTU, [USN-403-1] X.org vulnerabilities (09.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod