(RHSA-2005:329) XFree86 security update

2005-09-1200:00:00

access.redhat.com

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

88.9%

JSON

XFree86 is an open source implementation of the X Window System. It
provides the basic low-level functionality that full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.

Several integer overflow bugs were found in the way XFree86 parses pixmap
images. It is possible for a user to gain elevated privileges by loading a
specially crafted pixmap image. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2005-2495 to this issue.

Users of XFree86 should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to this issue.

OSVersionArchitecturePackageVersionFilename
RedHatanyi386xfree86-iso8859-15-75dpi-fonts< 4.1.0-73.ELXFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
RedHatanyia64xfree86-iso8859-15-100dpi-fonts< 4.1.0-73.ELXFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm
RedHatanyia64xfree86-xnest< 4.1.0-73.ELXFree86-Xnest-4.1.0-73.EL.ia64.rpm
RedHatanyi386xfree86-xnest< 4.1.0-73.ELXFree86-Xnest-4.1.0-73.EL.i386.rpm
RedHatanyia64xfree86-75dpi-fonts< 4.1.0-73.ELXFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm
RedHatanyi386xfree86-iso8859-9-100dpi-fonts< 4.1.0-73.ELXFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
RedHatanyi386xfree86-xf86cfg< 4.1.0-73.ELXFree86-xf86cfg-4.1.0-73.EL.i386.rpm
RedHatanyi386xfree86-doc< 4.1.0-73.ELXFree86-doc-4.1.0-73.EL.i386.rpm
RedHatanyi386xfree86-tools< 4.1.0-73.ELXFree86-tools-4.1.0-73.EL.i386.rpm
RedHatanyia64xfree86-xfs< 4.1.0-73.ELXFree86-xfs-4.1.0-73.EL.ia64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	i386	xfree86-iso8859-15-75dpi-fonts	< 4.1.0-73.EL	XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
RedHat	any	ia64	xfree86-iso8859-15-100dpi-fonts	< 4.1.0-73.EL	XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm
RedHat	any	ia64	xfree86-xnest	< 4.1.0-73.EL	XFree86-Xnest-4.1.0-73.EL.ia64.rpm
RedHat	any	i386	xfree86-xnest	< 4.1.0-73.EL	XFree86-Xnest-4.1.0-73.EL.i386.rpm
RedHat	any	ia64	xfree86-75dpi-fonts	< 4.1.0-73.EL	XFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm
RedHat	any	i386	xfree86-iso8859-9-100dpi-fonts	< 4.1.0-73.EL	XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
RedHat	any	i386	xfree86-xf86cfg	< 4.1.0-73.EL	XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
RedHat	any	i386	xfree86-doc	< 4.1.0-73.EL	XFree86-doc-4.1.0-73.EL.i386.rpm
RedHat	any	i386	xfree86-tools	< 4.1.0-73.EL	XFree86-tools-4.1.0-73.EL.i386.rpm
RedHat	any	ia64	xfree86-xfs	< 4.1.0-73.EL	XFree86-xfs-4.1.0-73.EL.ia64.rpm