GoogleOSV:DSA-1249-1xfree86
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Several vulnerabilities have been discovered in the X Window System,
which may lead to privilege escalation or denial of service.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2006-6101
Sean Larsson discovered an integer overflow in the Render extension,
which might lead to denial of service or local privilege escalation. - CVE-2006-6102
Sean Larsson discovered an integer overflow in the DBE extension,
which might lead to denial of service or local privilege escalation. - CVE-2006-6103
Sean Larsson discovered an integer overflow in the DBE extension,
which might lead to denial of service or local privilege escalation.
For the stable distribution (sarge) these problems have been fixed in
version 4.3.0.dfsg.1-14sarge3. This update lacks builds for the
Motorola 680x0 architecture, which had build problems. Packages will be
released once this problem has been resolved.
For the upcoming stable distribution (etch) these problems have been fixed
in version 2:1.1.1-15 of xorg-server.
For the unstable distribution (sid) these problems have been fixed
in version 2:1.1.1-15 of xorg-server.
We recommend that you upgrade your XFree86 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xfree86 | eq | 4.3.0.dfsg.1-14sarge2 | |
| xfree86 | eq | 4.3.0.dfsg.1-14sarge1 | |
| xfree86 | eq | 4.3.0.dfsg.1-14 |
References
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C