Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.6
CVSSv2

CVE-2010-4819

Published: 05/09/2012 Updated: 13/09/2012
CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9
VMScore: 320
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P
Subscribe to X

Vulnerability Summary

The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and previous versions allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw."

Vulnerable Product Search on Vulmon Subscribe to Product

x x.org-xserver

x x.org-xserver 1.7.7

x x.org-xserver 1.7.6.902

x x.org-xserver 1.7

Vendor Advisories

Ubuntu Security Notice: xorg-server vulnerabilities
The X server could be made to crash, run programs as an administrator, or read arbitrary files ...
Ubuntu Security Notice: xorg-server vulnerability
The X server could be made to crash or run programs as an administrator ...
Ubuntu Security Notice: xorg-server regression
USN-1232-1 caused a regression with GLX support ...
Amazon Linux AMI: ALAS-2011-013
Multiple input sanitization flaws were found in the XOrg GLX (OpenGL extension to the X Window System) extension A malicious, authorized client could use these flaws to crash the XOrg server or, potentially, execute arbitrary code with root privileges (CVE-2010-4818) An input sanitization flaw was found in the XOrg Render extension A maliciou ...

References

CWE-20http://rhn.redhat.com/errata/RHSA-2011-1359.htmlhttp://rhn.redhat.com/errata/RHSA-2011-1360.htmlhttp://aix.software.ibm.com/aix/efixes/security/X_advisory2.aschttp://securitytracker.com/id?1026149https://bugs.freedesktop.org/show_bug.cgi?id=28801http://cgit.freedesktop.org/xorg/xserver/commit/render/render.c?id=5725849a1b427cd4a72b84e57f211edb35838718http://www.openwall.com/lists/oss-security/2011/09/23/5http://www.openwall.com/lists/oss-security/2011/09/22/8https://nvd.nist.govhttps://usn.ubuntu.com/1232-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook