X.org vulnerabilities

2007-04-03T00:00:00
ID USN-448-1
Type ubuntu
Reporter Ubuntu
Modified 2007-04-03T00:00:00

Description

Sean Larsson of iDefense Labs discovered that the MISC-XC extension of Xorg did not correctly verify the size of allocated memory. An authenticated user could send a specially crafted X11 request and execute arbitrary code with root privileges. (CVE-2007-1003)

Greg MacManus of iDefense Labs discovered that the BDF font handling code in Xorg and FreeType did not correctly verify the size of allocated memory. If a user were tricked into using a specially crafted font, a remote attacker could execute arbitrary code with root privileges. (CVE-2007-1351, CVE-2007-1352)