Lucene search

K
cve[email protected]CVE-2010-1166
HistoryApr 29, 2010 - 9:30 p.m.

CVE-2010-1166

2010-04-2921:30:00
CWE-189
web.nvd.nist.gov
40
cve-2010-1166
x server
render extension
x.org x11r7.1
memory corruption
daemon crash
remote code execution
nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%

The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition.

Affected configurations

NVD
Node
xx.orgMatch7.1
CPENameOperatorVersion
x:x.orgx x.orgeq7.1

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%