CVE-2008-1379

Published: 16/06/2008 Updated: 11/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N

Vulnerability Summary

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to read arbitrary process memory via crafted values for a Pixmap width and height.

Vulnerable Product

x x11 r7.3

Vendor Advisories

Multiple flaws were found in the RENDER, RECORD, and Security extensions of Xorg which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges or crash X (CVE-2008-1377, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362) ...
Several local vulnerabilities have been discovered in the X Window system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1377 Lack of validation of the parameters of the SProcSecurityGenerateAuthorization and SProcRecordCreateContext functions makes it possible for a specially crafted requ ...

References

CWE-189
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722
http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff
http://www.debian.org/security/2008/dsa-1595
http://rhn.redhat.com/errata/RHSA-2008-0502.html
http://rhn.redhat.com/errata/RHSA-2008-0504.html
http://rhn.redhat.com/errata/RHSA-2008-0512.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://www.ubuntu.com/usn/usn-616-1
http://www.securityfocus.com/bid/29669
http://securitytracker.com/id?1020246
http://secunia.com/advisories/30627
http://secunia.com/advisories/30628
http://secunia.com/advisories/30629
http://secunia.com/advisories/30630
http://secunia.com/advisories/30637
http://secunia.com/advisories/30659
http://secunia.com/advisories/30664
http://secunia.com/advisories/30666
http://secunia.com/advisories/30809
http://secunia.com/advisories/30772
http://secunia.com/advisories/30715
http://security.gentoo.org/glsa/glsa-200806-07.xml
http://secunia.com/advisories/31109
http://secunia.com/advisories/30843
https://issues.rpath.com/browse/RPL-2607
http://secunia.com/advisories/30671
http://www.redhat.com/support/errata/RHSA-2008-0503.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:115
http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
https://issues.rpath.com/browse/RPL-2619
http://www.mandriva.com/security/advisories?name=MDVSA-2008:116
http://secunia.com/advisories/32099
http://www.mandriva.com/security/advisories?name=MDVSA-2008:179
http://secunia.com/advisories/31025
http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://secunia.com/advisories/33937
http://secunia.com/advisories/32545
http://www.vupen.com/english/advisories/2008/3000
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321
http://support.apple.com/kb/HT3438
http://www.vupen.com/english/advisories/2008/1983/references
http://www.vupen.com/english/advisories/2008/1803
http://www.vupen.com/english/advisories/2008/1833
https://exchange.xforce.ibmcloud.com/vulnerabilities/43016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966
http://www.securityfocus.com/archive/1/493550/100/0/threaded
http://www.securityfocus.com/archive/1/493548/100/0/threaded
https://usn.ubuntu.com/616-1/
https://nvd.nist.gov