Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.5
CVSSv2

CVE-2010-4818

Published: 05/09/2012 Updated: 06/09/2012
CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8
VMScore: 756
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Subscribe to X.org

Vulnerability Summary

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

x.org x.org 1.7.7

Vendor Advisories

Ubuntu Security Notice: xorg-server vulnerabilities
The X server could be made to crash, run programs as an administrator, or read arbitrary files ...
Ubuntu Security Notice: xorg-server vulnerability
The X server could be made to crash or run programs as an administrator ...
Ubuntu Security Notice: xorg-server regression
USN-1232-1 caused a regression with GLX support ...
Amazon Linux AMI: ALAS-2011-013
Multiple input sanitization flaws were found in the XOrg GLX (OpenGL extension to the X Window System) extension A malicious, authorized client could use these flaws to crash the XOrg server or, potentially, execute arbitrary code with root privileges (CVE-2010-4818) An input sanitization flaw was found in the XOrg Render extension A maliciou ...

References

CWE-20https://bugs.freedesktop.org/show_bug.cgi?id=28823http://www.openwall.com/lists/oss-security/2011/09/22/7http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037fhttp://www.openwall.com/lists/oss-security/2011/09/23/6http://cgit.freedesktop.org/xorg/xserver/commit?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4https://bugzilla.redhat.com/show_bug.cgi?id=740954http://rhn.redhat.com/errata/RHSA-2011-1360.htmlhttp://www.openwall.com/lists/oss-security/2011/09/23/4http://rhn.redhat.com/errata/RHSA-2011-1359.htmlhttp://cgit.freedesktop.org/xorg/xserver/commit?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543https://nvd.nist.govhttps://usn.ubuntu.com/1232-1/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook