1395 matches found
USN-571-1: X.org vulnerabilities
Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. CVE-2007-5760, CVE-2007-6427, CVE-2007-6428,...
Security fix for the ALT Linux 10 package xorg-server version 2:1.4.0.90-alt6
Jan. 18, 2008 Valery Inozemtsev 2:1.4.0.90-alt6 - CVE-2007-6429: Don't spuriously reject <8bpp shm pixmaps...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libxfont, xorg-server vulnerabilities (USN-571-1)
Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. CVE-2007-5760, CVE-2007-6427, CVE-2007-6428,...
Xorg / XFree86 PCF font parser buffer overflow
Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...
xfree86: information disclosure via TOG-CUP extension
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index...
xorg: invalid array indexing in XFree86-Misc extension
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index...
[SECURITY] [DSA 1466-1] New xorg-server packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1466-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 17, 2008 http://www.debian.org/security/faq -...
Security fix for the ALT Linux 10 package xorg-server version 2:1.4.0.90-alt5
Jan. 17, 2008 Valery Inozemtsev 2:1.4.0.90-alt5 - fixed CVE-2007-5760, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006...
Debian: Security Advisory (DSA-1372-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1372-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS : xorg-server vulnerability (USN-514-1)
Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges. Note that Tenable Network Security has extracted the preceding...
Ubuntu 5.10 / 6.06 LTS / 6.10 : xorg, xorg-server vulnerabilities (USN-403-1)
The DBE and Render extensions in X.org were vulnerable to integer overflows, which could lead to memory overwrites. An authenticated user could make a specially crafted request and execute arbitrary code with root privileges. Note that Tenable Network Security has extracted the preceding...
Ubuntu 5.10 / 6.06 LTS / 6.10 : freetype, libxfont, xorg, xorg-server vulnerabilities (USN-448-1)
Sean Larsson of iDefense Labs discovered that the MISC-XC extension of Xorg did not correctly verify the size of allocated memory. An authenticated user could send a specially crafted X11 request and execute arbitrary code with root privileges. CVE-2007-1003 Greg MacManus of iDefense Labs...
DTSA-73-1 xorg-server - buffer overflow
Bulletin has no description...
openSUSE 10 Security Update : km_drm (km_drm-4484)
This update fixes the following issues: X Font Server buildrange Integer Overflow Vulnerability IDEF2708, X Font Server swapchar2b Heap Overflow Vulnerability IDEF2709, Composite extension buffer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...
X.Org X server: Composite local privilege escalation
Background The X Window System is a graphical windowing system based on a client/server model. Description Aaron Plattner discovered a buffer overflow in the compNewPixmap function when copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. Impact A local attacker could...
USN-514-1: X.org vulnerability
Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges...
Debian DSA-1372-1 : xorg-server - buffer overflow
Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation. The oldstable distribution sarge is not affected by this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...
[SECURITY] [DSA 1372-1] New xorg-server packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1372-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 9th, 2007 http://www.debian.org/security/faq -...
DSA-1372-1 xorg-server - privilege escalation
Bulletin has no description...