Lucene search

PRIOn knowledge basePRION:CVE-2006-1526

HistoryMay 02, 2006 - 9:06 p.m.

Buffer overflow

2006-05-0221:06:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

38.8%

JSON

Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a “&” instead of a “*” operator. NOTE: the subject line of the original announcement used an incorrect CVE number for this issue.

CPENameOperatorVersion
x11r6eq6.8.1
x11r6eq6.7.0
x11r6eq6.8
x11r6eq6.9

Name	Operator	Version
x11r6	eq	6.8.1
x11r6	eq	6.7.0
x11r6	eq	6.8
x11r6	eq	6.9

References

lists.freedesktop.org/archives/xorg/2006-May/015136.html

secunia.com/advisories/19900

secunia.com/advisories/19915

secunia.com/advisories/19916

secunia.com/advisories/19921

secunia.com/advisories/19943

secunia.com/advisories/19951

secunia.com/advisories/19956

secunia.com/advisories/19983

securitytracker.com/id?1016018

sunsolve.sun.com/search/document.do?assetkey=1-26-102339-1

www.gentoo.org/security/en/glsa/glsa-200605-02.xml

www.kb.cert.org/vuls/id/633257

www.mandriva.com/security/advisories?name=MDKSA-2006:081

www.novell.com/linux/security/advisories/2006_05_03.html

www.openbsd.org/errata38.html

www.redhat.com/support/errata/RHSA-2006-0451.html

www.securityfocus.com/archive/1/436327/100/0/threaded

www.securityfocus.com/bid/17795

www.trustix.org/errata/2006/0024

www.vupen.com/english/advisories/2006/1617

bugs.freedesktop.org/show_bug.cgi?id=6642

exchange.xforce.ibmcloud.com/vulnerabilities/26200

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9929

usn.ubuntu.com/280-1/

6.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

38.8%

JSON

Related for PRION:CVE-2006-1526