Debian DSA-1595-1 : xorg-server - several vulnerabilities

Several local vulnerabilities have been discovered in the X Window system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1377 Lack of validation of the parameters of the SProcSecurityGenerateAuthorization and SProcRecordCreateContext functions mak...

FreeBSD : xorg -- multiple vulnerabilities (800e8bd5-3acb-11dd-8842-001302a18722)

Matthieu Herrb of X.Org reports : Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Exploiting these overflows will crash the X server or, under certain circumstances...

CentOS 3 : XFree86 (CESA-2008:0502)

Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core...

iDefense Security Advisory 06.11.08: Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability

iDefense Security Advisory 06.11.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 11, 2008 I. BACKGROUND The X Window System is a graphical windowing system based on a client/server model. The Render extension is used to provide Porter-Duff image compositing for the X server. It is...

XFree86 security update

CentOS Errata and Security Advisory CESA-2008:0512-01 Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of...

XFree86 security update

CentOS Errata and Security Advisory CESA-2008:0502 Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the ...

RHEL 2.1 : XFree86 (RHSA-2008:0512)

Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core...

[SECURITY] [DSA 1595-1] New xorg-server packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1595-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 11, 2008 http://www.debian.org/security/faq -...

X.org MIT-SHM extension arbitrary memory read

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...

xorg -- multiple vulnerabilities

Matthieu Herrb of X.Org reports: Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Exploiting these overflows will crash the X server or, under certain circumstances all...

JVN#88935101: X.Org Foundation X server buffer overflow vulnerability

The X.Org Foundation provides an open source implementation of the X Window System. The X server of this implementation contains a vulnerability in the handling of Portable Compiled Font PCF format fonts that can be exploited to cause a buffer overflow. Impact An attacker with an established,...

[SECURITY] Fedora 8 Update: nx-3.1.0-25.1.fc8

NX provides a proxy system for the X Window System...

X.Org X Server MIT-SHM及EVI扩展整数溢出漏洞

BUGTRAQ ID: 27350,27353 CVECAN ID: CVE-2007-6429 Xorg X Server是Solaris x86平台上可用的X窗口系统显示服务器之一。 Xorg X Server的MIT-SHM扩展中负责在共享内存中创建位图的方式存在整数溢出漏洞。在分配位图的时候，服务器使用了来自请求的值验证所请求的大小没有大于所分配的共享内存。这个计算可能溢出，导致覆盖内存中的任意地址。 Xorg X...

iDefense Security Advisory 01.17.08: Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities

iDefense Security Advisory 01.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 17, 2008 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a client/server model. More information about about The X Window system is...

iDefense Security Advisory 01.17.08: Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability

iDefense Security Advisory 01.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 17, 2008 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a client/server model. More information about about The X Window system is...

iDefense Security Advisory 01.17.08: Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability

iDefense Security Advisory 01.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 17, 2008 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a client/server model. More information about about The X Window system is...

X.Org X server and Xfont library: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description regenrecht reported multiple vulnerabilities in various X server extension via iDefense: The XFree86-Misc extension does not properly sanitize a parameter within a PassMessage request,...

[SECURITY] Fedora 7 Update: cairo-1.4.14-1.fc7

Cairo is a vector graphics library designed to provide high-quality display and print output. Currently supported output targets include the X Window System, OpenGL via glitz, in-memory image buffers, and image files PDF, PostScript, and SVG. Cairo is designed to produce identical output on all...

XFree86 security update

CentOS Errata and Security Advisory CESA-2008:0029 Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 18th January 2008 Th...

Xorg / XFree86 PCF font parser buffer overflow

Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...