Lucene search

K

[email protected]NVD:CVE-2010-4818

HistorySep 05, 2012 - 11:55 p.m.

CVE-2010-4818

2012-09-0523:55:01

CWE-20

[email protected]

web.nvd.nist.gov

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.4%

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.

Affected configurations

NVD

Node

x.orgx.orgMatch1.7.7

References

cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f

cgit.freedesktop.org/xorg/xserver/commit?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543

cgit.freedesktop.org/xorg/xserver/commit?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4

rhn.redhat.com/errata/RHSA-2011-1359.html

rhn.redhat.com/errata/RHSA-2011-1360.html

www.openwall.com/lists/oss-security/2011/09/22/7

www.openwall.com/lists/oss-security/2011/09/23/4

www.openwall.com/lists/oss-security/2011/09/23/6

bugs.freedesktop.org/show_bug.cgi?id=28823

bugzilla.redhat.com/show_bug.cgi?id=740954

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.4%

Related for NVD:CVE-2010-4818

cve1 veracode1 nessus15 debiancve1 ubuntucve2 prion1 cvelist1 centos2 openvas21 amazon1 redhat2 oraclelinux2 ubuntu3 securityvulns2