Lucene search

[email protected]CVE-2008-1379

HistoryJun 16, 2008 - 7:41 p.m.

CVE-2008-1379

2008-06-1619:41:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-1379

integer overflow

x server

mit-shm extension

nvd

security vulnerability

6.4 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

0.003 Low

EPSS

Percentile

69.2%

JSON

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

CPENameOperatorVersion
x:x11x x11eqr7.3

CPE	Name	Operator	Version
x:x11	x x11	eq	r7.3

References

ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321

labs.idefense.com/intelligence/vulnerabilities/display.php?id=722

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

lists.freedesktop.org/archives/xorg/2008-June/036026.html

lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html

lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html

rhn.redhat.com/errata/RHSA-2008-0502.html

rhn.redhat.com/errata/RHSA-2008-0504.html

rhn.redhat.com/errata/RHSA-2008-0512.html

secunia.com/advisories/30627

secunia.com/advisories/30628

secunia.com/advisories/30629

secunia.com/advisories/30630

secunia.com/advisories/30637

secunia.com/advisories/30659

secunia.com/advisories/30664

secunia.com/advisories/30666

secunia.com/advisories/30671

secunia.com/advisories/30715

secunia.com/advisories/30772

secunia.com/advisories/30809

secunia.com/advisories/30843

secunia.com/advisories/31025

secunia.com/advisories/31109

secunia.com/advisories/32099

secunia.com/advisories/32545

secunia.com/advisories/33937

security.gentoo.org/glsa/glsa-200806-07.xml

securitytracker.com/id?1020246

sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1

support.apple.com/kb/HT3438

support.avaya.com/elmodocs2/security/ASA-2008-249.htm

wiki.rpath.com/wiki/Advisories:rPSA-2008-0201

www.debian.org/security/2008/dsa-1595

www.gentoo.org/security/en/glsa/glsa-200807-07.xml

www.mandriva.com/security/advisories?name=MDVSA-2008:115

www.mandriva.com/security/advisories?name=MDVSA-2008:116

www.mandriva.com/security/advisories?name=MDVSA-2008:179

www.redhat.com/support/errata/RHSA-2008-0503.html

www.securityfocus.com/archive/1/493548/100/0/threaded

www.securityfocus.com/archive/1/493550/100/0/threaded

www.securityfocus.com/bid/29669

www.ubuntu.com/usn/usn-616-1

www.vupen.com/english/advisories/2008/1803

www.vupen.com/english/advisories/2008/1833

www.vupen.com/english/advisories/2008/1983/references

www.vupen.com/english/advisories/2008/3000

exchange.xforce.ibmcloud.com/vulnerabilities/43016

issues.rpath.com/browse/RPL-2607

issues.rpath.com/browse/RPL-2619

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966

6.4 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

0.003 Low

EPSS

Percentile

69.2%

JSON

Related for CVE-2008-1379

securityvulns2 prion1 ubuntucve1 veracode1 debiancve1 nessus35 redhat4 openvas50 centos4 oraclelinux3 ubuntu1 gentoo1 freebsd1 altlinux1 fedora3 osv1 debian1 slackware1 suse1