CVE-2006-6101

Published: 31/12/2006 Updated: 11/10/2017
CVSS v2 Base Score: 6.6 | Impact Score: 10 | Exploitability Score: 2.7
VMScore: 587
Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.

Vulnerable Product

x.org x.org 7.0

x.org x.org 7.1

xfree86 project xfree86

x.org x.org 6.8.2

x.org x.org 6.9.0

Vendor Advisories

The DBE and Render extensions in Xorg were vulnerable to integer overflows, which could lead to memory overwrites. An authenticated user could make a specially crafted request and execute arbitrary code with root privileges ...

References

NVD-CWE-Other
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463
http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html
http://www.ubuntu.com/usn/usn-403-1
https://issues.rpath.com/browse/RPL-920
http://www.redhat.com/support/errata/RHSA-2007-0002.html
http://www.redhat.com/support/errata/RHSA-2007-0003.html
http://www.securityfocus.com/bid/21968
http://secunia.com/advisories/23633
http://secunia.com/advisories/23670
http://secunia.com/advisories/23684
http://secunia.com/advisories/23689
http://secunia.com/advisories/23705
http://securitytracker.com/id?1017495
http://secunia.com/advisories/23698
http://www.novell.com/linux/security/advisories/2007_08_x.html
http://secunia.com/advisories/23758
http://secunia.com/advisories/23789
http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm
http://security.gentoo.org/glsa/glsa-200701-25.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1
http://secunia.com/advisories/23966
http://secunia.com/advisories/24168
http://secunia.com/advisories/24210
http://secunia.com/advisories/24247
http://secunia.com/advisories/24401
http://www.mandriva.com/security/advisories?name=MDKSA-2007:005
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc
http://secunia.com/advisories/25802
http://osvdb.org/32084
http://www.vupen.com/english/advisories/2007/0108
http://www.vupen.com/english/advisories/2007/0669
http://www.vupen.com/english/advisories/2007/2233
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01075678
http://www.vupen.com/english/advisories/2007/0589
http://www.vupen.com/english/advisories/2007/0109
https://www.debian.org/security/2007/dsa-1249
https://exchange.xforce.ibmcloud.com/vulnerabilities/31337
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490
https://usn.ubuntu.com/403-1/
https://nvd.nist.gov