[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability

Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability iDefense Security Advisory 04.03.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 03, 2007 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a...

[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability

Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability iDefense Security Advisory 04.03.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 03, 2007 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a...

XFree86 security update

CentOS Errata and Security Advisory CESA-2007:0125 Updated XFree86 packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an...

Moderate: Red Hat Security Advisory: ImageMagick security update

Updated ImageMagick packages that correct several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple...

X.Org X server: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple memory corruption vulnerabilities have been found in the ProcDbeGetVisualInfo and the ProcDbeSwapBuffers of the DBE extension, and ProcRenderAddGlyphs in the Render extension. Impac...

gtk2 security update

CentOS Errata and Security Advisory CESA-2007:0019 Updated gtk2 packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit GTK+, a library for creating...

RHEL 4 : gtk2 (RHSA-2007:0019)

Updated gtk2 packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit GTK+, a library for creating graphical user interfaces for the X Window System. A bug...

[SECURITY] [DSA 1249-1] New xfree86 packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1249-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 15th, 2007 http://www.debian.org/security/faq -...

DSA-1249-1 xfree86

Bulletin has no description...

XFree86 security update

CentOS Errata and Security Advisory CESA-2007:0002-01 Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of...

X.Org DBE和Render扩展多个整数溢出漏洞

X.Org是X.Org Foundation对X窗口系统的开源实现。 X.Org Render扩展的ProcRenderAddGlyphs函数及DBE扩展的ProcDbeGetVisualInfo和ProcDbeSwapBuffers函数没有正确验证用户输入，允许攻击者通过向X服务器发送特制的X请求触发整数溢出，本地攻击者可能利用此漏洞获取root用户权限。 X.org X11R6 6.9.0 X.org X11R7 7.1 X.org X11R7 7.0 临时解决方法：...

XFree86 security update

CentOS Errata and Security Advisory CESA-2007:0002 Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the...

security flaw

Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability

Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND The X Window System is a graphical windowing system based on a client/server model. More...

iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability

Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND The X Window System is a graphical windowing system based on a client/server model. Mor...

[SECURITY] Fedora Core 6 Update: xterm-223-1.fc6

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly...

[SECURITY] Fedora Core 5 Update: xterm-223-1.fc5

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly...

X.Org LibX11 XKEYBOARD扩展本地溢出漏洞

X.Org是X.Org Foundation对X窗口系统的开源实现。 X11R6 X窗口系统库的字符控制函数中存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 如果将XKBCHARSET环境变量设置为很长的字符串并将DISPLAY环境变量设置为启用了XKEYBOARD扩展的X窗口系统服务器的话，则调用动态连接库时就会触发这个漏洞，导致执行任意指令。 X11R6.4中有漏洞的函数： static int if NeedFunctionPrototypes Strcmpchar str1, char str2 else Strcmpstr1, str2 char str1...

qt security update

CentOS Errata and Security Advisory CESA-2006:0725-01 Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and...

Moderate: Red Hat Security Advisory: qt security update

Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications...