(RHSA-2007:0126) Important: xorg-x11 security update

2007-04-0300:00:00

access.redhat.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.055 Low

EPSS

Percentile

92.4%

JSON

X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

iDefense reported an integer overflow flaw in the X.org XC-MISC
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or potentially execute arbitrary code with the
privileges of the X.org server. (CVE-2007-1003)

iDefense reported two integer overflows in the way X.org handled various
font files. A malicious local user could exploit these issues to
potentially execute arbitrary code with the privileges of the X.org server.
(CVE-2007-1351, CVE-2007-1352)

An integer overflow flaw was found in the X.org XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667)

Users of X.org should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64xorg-x11-doc< 6.8.2-1.EL.13.37.7xorg-x11-doc-6.8.2-1.EL.13.37.7.ia64.rpm
RedHatanys390xxorg-x11-mesa-libglu< 6.8.2-1.EL.13.37.7xorg-x11-Mesa-libGLU-6.8.2-1.EL.13.37.7.s390x.rpm
RedHatanyx86_64xorg-x11-tools< 6.8.2-1.EL.13.37.7xorg-x11-tools-6.8.2-1.EL.13.37.7.x86_64.rpm
RedHatanyi386xorg-x11-mesa-libgl< 6.8.2-1.EL.13.37.7xorg-x11-Mesa-libGL-6.8.2-1.EL.13.37.7.i386.rpm
RedHatanyppcxorg-x11-xnest< 6.8.2-1.EL.13.37.7xorg-x11-Xnest-6.8.2-1.EL.13.37.7.ppc.rpm
RedHatanyi386xorg-x11< 6.8.2-1.EL.13.37.7xorg-x11-6.8.2-1.EL.13.37.7.i386.rpm
RedHatanyi386xorg-x11-twm< 6.8.2-1.EL.13.37.7xorg-x11-twm-6.8.2-1.EL.13.37.7.i386.rpm
RedHatanys390xorg-x11-twm< 6.8.2-1.EL.13.37.7xorg-x11-twm-6.8.2-1.EL.13.37.7.s390.rpm
RedHatanyppcxorg-x11-xvfb< 6.8.2-1.EL.13.37.7xorg-x11-Xvfb-6.8.2-1.EL.13.37.7.ppc.rpm
RedHatanyi386xorg-x11-xdmx< 6.8.2-1.EL.13.37.7xorg-x11-Xdmx-6.8.2-1.EL.13.37.7.i386.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ia64	xorg-x11-doc	< 6.8.2-1.EL.13.37.7	xorg-x11-doc-6.8.2-1.EL.13.37.7.ia64.rpm
RedHat	any	s390x	xorg-x11-mesa-libglu	< 6.8.2-1.EL.13.37.7	xorg-x11-Mesa-libGLU-6.8.2-1.EL.13.37.7.s390x.rpm
RedHat	any	x86_64	xorg-x11-tools	< 6.8.2-1.EL.13.37.7	xorg-x11-tools-6.8.2-1.EL.13.37.7.x86_64.rpm
RedHat	any	i386	xorg-x11-mesa-libgl	< 6.8.2-1.EL.13.37.7	xorg-x11-Mesa-libGL-6.8.2-1.EL.13.37.7.i386.rpm
RedHat	any	ppc	xorg-x11-xnest	< 6.8.2-1.EL.13.37.7	xorg-x11-Xnest-6.8.2-1.EL.13.37.7.ppc.rpm
RedHat	any	i386	xorg-x11	< 6.8.2-1.EL.13.37.7	xorg-x11-6.8.2-1.EL.13.37.7.i386.rpm
RedHat	any	i386	xorg-x11-twm	< 6.8.2-1.EL.13.37.7	xorg-x11-twm-6.8.2-1.EL.13.37.7.i386.rpm
RedHat	any	s390	xorg-x11-twm	< 6.8.2-1.EL.13.37.7	xorg-x11-twm-6.8.2-1.EL.13.37.7.s390.rpm
RedHat	any	ppc	xorg-x11-xvfb	< 6.8.2-1.EL.13.37.7	xorg-x11-Xvfb-6.8.2-1.EL.13.37.7.ppc.rpm
RedHat	any	i386	xorg-x11-xdmx	< 6.8.2-1.EL.13.37.7	xorg-x11-Xdmx-6.8.2-1.EL.13.37.7.i386.rpm