The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
x.org xserver |
||
x.org tog-cup |