6.6 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
88.0%
Multiple flaws were found in the RENDER, RECORD, and Security
extensions of X.org which did not correctly validate function arguments.
An authenticated attacker could send specially crafted requests and gain
root privileges or crash X. (CVE-2008-1377, CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362)
It was discovered that the MIT-SHM extension of X.org did not correctly
validate the location of memory during an image copy. An authenticated
attacker could exploit this to read arbitrary memory locations within X,
exposing sensitive information. (CVE-2008-1379)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | xserver-xorg-core | < 2:1.4.1~git20080131-1ubuntu9.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | xnest | < 2:1.4.1~git20080131-1ubuntu9.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | xserver-xephyr | < 2:1.4.1~git20080131-1ubuntu9.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | xserver-xorg-core-dbg | < 2:1.4.1~git20080131-1ubuntu9.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | xserver-xorg-dev | < 2:1.4.1~git20080131-1ubuntu9.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | xvfb | < 2:1.4.1~git20080131-1ubuntu9.2 | UNKNOWN |
Ubuntu | 7.10 | noarch | xserver-xorg-core | < 2:1.3.0.0.dfsg-12ubuntu8.4 | UNKNOWN |
Ubuntu | 7.10 | noarch | xdmx | < 2:1.3.0.0.dfsg-12ubuntu8.4 | UNKNOWN |
Ubuntu | 7.10 | noarch | xdmx-tools | < 2:1.3.0.0.dfsg-12ubuntu8.4 | UNKNOWN |
Ubuntu | 7.10 | noarch | xnest | < 2:1.3.0.0.dfsg-12ubuntu8.4 | UNKNOWN |