9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.54 Medium
EPSS
Percentile
97.1%
The X.org fix for CVE-2007-6429 introduced a regression in the MIT-SHM
extension, which prevented the start of a few applications. This update
provides updated packages for the xfree86 version included in Debian
old stable (sarge) in addition to the fixed packages for Debian stable
(etch), which were provided in DSA 1466-2.
For reference the original advisory text below:
Several local vulnerabilities have been discovered in the X.Org X
server. The Common Vulnerabilities and Exposures project identifies the
following problems:
For the oldstable distribution (sarge), this problem has been fixed in
version 4.3.0.dfsg.1-14sarge7 of xfree86.
For the stable distribution (etch), this problem has been fixed in
version 1.1.1-21etch3 of xorg-server and 1.2.2-2.etch1 of libxfont.
For the unstable distribution (sid), this problem has been fixed in
version 2:1.4.1~git20080118-1 of xorg-server and version 1:1.3.1-2
of libxfont.
We recommend that you upgrade your X.org/Xfree86 packages.
CPE | Name | Operator | Version |
---|---|---|---|
xorg-server | eq | 2:1.1.1-21 | |
xorg-server | eq | 2:1.1.1-21etch1 | |
xorg-server | eq | 2:1.1.1-21etch2 |