Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xorg x11 r7.3 |