Published: 16/06/2008 Updated: 11/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8

VMScore: 605

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Subscribe to X11

Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xorg x11 r7.3

Multiple flaws were found in the RENDER, RECORD, and Security extensions of Xorg which did not correctly validate function arguments An authenticated attacker could send specially crafted requests and gain root privileges or crash X (CVE-2008-1377, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362) ...

Several local vulnerabilities have been discovered in the X Window system The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1377 Lack of validation of the parameters of the SProcSecurityGenerateAuthorization and SProcRecordCreateContext functions makes it possible for a specially crafted requ ...

CWE-189 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=719 http://lists.freedesktop.org/archives/xorg/2008-June/036026.html ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2361.diff http://www.debian.org/security/2008/dsa-1595 http://rhn.redhat.com/errata/RHSA-2008-0502.html http://rhn.redhat.com/errata/RHSA-2008-0504.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1 http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html http://www.ubuntu.com/usn/usn-616-1 http://www.securityfocus.com/bid/29665 http://securitytracker.com/id?1020244 http://secunia.com/advisories/30627 http://secunia.com/advisories/30629 http://secunia.com/advisories/30630 http://secunia.com/advisories/30637 http://secunia.com/advisories/30659 http://secunia.com/advisories/30664 http://secunia.com/advisories/30666 http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm http://www.redhat.com/support/errata/RHSA-2008-0503.html https://issues.rpath.com/browse/RPL-2619 http://secunia.com/advisories/30715 https://issues.rpath.com/browse/RPL-2607 http://secunia.com/advisories/30843 http://www.mandriva.com/security/advisories?name=MDVSA-2008:116 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201 http://secunia.com/advisories/31109 http://www.mandriva.com/security/advisories?name=MDVSA-2008:115 http://secunia.com/advisories/30671 http://secunia.com/advisories/30772 http://security.gentoo.org/glsa/glsa-200806-07.xml http://secunia.com/advisories/30809 http://secunia.com/advisories/32099 http://www.mandriva.com/security/advisories?name=MDVSA-2008:179 http://secunia.com/advisories/31025 http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.vupen.com/english/advisories/2008/1803 http://www.vupen.com/english/advisories/2008/1833 http://www.vupen.com/english/advisories/2008/1983/references https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8978 http://www.securityfocus.com/archive/1/493550/100/0/threaded http://www.securityfocus.com/archive/1/493548/100/0/threaded https://usn.ubuntu.com/616-1/https://nvd.nist.gov

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook