PT-2007-7519 · Xfree86+2 · Xfree86+3

Daniel Stone

Publicado

1970-01-01

Atualizado

2024-06-15

CVE-2008-2362

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions XFree86-twm version 4.3.0 XFree86-devel version 4.3.0 XFree86-font-utils version 4.3.0 XFree86-ISO8859-9-75dpi-fonts version 4.3.0 XFree86-cyrillic-fonts version 4.3.0 xorg-x11-server-sdk version 1.1.1 XFree86-ISO8859-9-100dpi-fonts version 4.3.0 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-libs version 4.3.0 XFree86-tools version 4.3.0 xorg-x11-server-Xnest version 1.1.1 xorg-server versions prior to 1.3.0.0-r6 XFree86-syriac-fonts version 4.3.0 xorg-x11-server-Xdmx version 1.1.1 XFree86-75dpi-fonts version 4.3.0 XFree86-ISO8859-15-100dpi-fonts version 4.3.0 XFree86-base-fonts version 4.3.0 XFree86-doc version 4.3.0 XFree86-ISO8859-15-75dpi-fonts version 4.3.0 XFree86-xauth version 4.3.0 xorg-x11-Xvfb xorg-x11-server-Xorg version 1.1.1 xorg-x11-server version 1.1.1 xorg-x11-server-Xephyr version 1.1.1 XFree86-ISO8859-2-100dpi-fonts version 4.3.0 xorg-x11-Xvnc XFree86-xdm version 4.3.0 xorg-x11-server-Xvfb version 1.1.1 xorg-x11-server XFree86-xfs version 4.3.0 xorg-x11-server-randr-source version 1.1.1 XFree86-Xvfb version 4.3.0 XFree86-Mesa-libGL version 4.3.0 XFree86-libs-data version 4.3.0 XFree86-ISO8859-2-75dpi-fonts version 4.3.0 XFree86-ISO8859-14-100dpi-fonts version 4.3.0 XFree86 version 4.3.0 XFree86-Xnest version 4.3.0 XFree86-Mesa-libGLU version 4.3.0 XFree86-sdk version 4.3.0

Description The issue is related to multiple vulnerabilities in various packages of the XFree86 and xorg-x11-server software, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities are caused by multiple integer overflows in the Render extension in the X server, which can allow context-dependent attackers to execute arbitrary code via specific requests with invalid fields.

Recommendations For XFree86-twm version 4.3.0, update to a newer version. For XFree86-devel version 4.3.0, update to a newer version. For XFree86-font-utils version 4.3.0, update to a newer version. For XFree86-ISO8859-9-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-cyrillic-fonts version 4.3.0, update to a newer version. For xorg-x11-server-sdk version 1.1.1, update to a newer version. For XFree86-ISO8859-9-100dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-14-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-libs version 4.3.0, update to a newer version. For XFree86-tools version 4.3.0, update to a newer version. For xorg-x11-server-Xnest version 1.1.1, update to a newer version. For xorg-server versions prior to 1.3.0.0-r6, update to version 1.3.0.0-r6 or later. For XFree86-syriac-fonts version 4.3.0, update to a newer version. For xorg-x11-server-Xdmx version 1.1.1, update to a newer version. For XFree86-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-15-100dpi-fonts version 4.3.0, update to a newer version. For XFree86-base-fonts version 4.3.0, update to a newer version. For XFree86-doc version 4.3.0, update to a newer version. For XFree86-ISO8859-15-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-xauth version 4.3.0, update to a newer version. For xorg-x11-Xvfb, update to a newer version. For xorg-x11-server-Xorg version 1.1.1, update to a newer version. For xorg-x11-server version 1.1.1, update to a newer version. For xorg-x11-server-Xephyr version 1.1.1, update to a newer version. For XFree86-ISO8859-2-100dpi-fonts version 4.3.0, update to a newer version. For xorg-x11-Xvnc, update to a newer version. For XFree86-xdm version 4.3.0, update to a newer version. For xorg-x11-server-Xvfb version 1.1.1, update to a newer version. For xorg-x11-server, update to a newer version. For XFree86-xfs version 4.3.0, update to a newer version. For xorg-x11-server-randr-source version 1.1.1, update to a newer version. For XFree86-Xvfb version 4.3.0, update to a newer version. For XFree86-Mesa-libGL version 4.3.0, update to a newer version. For XFree86-libs-data version 4.3.0, update to a newer version. For XFree86-ISO8859-2-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-14-100dpi-fonts version 4.3.0, update to a newer version. For XFree86 version 4.3.0, update to a newer version. For XFree86-Xnest version 4.3.0, update to a newer version. For XFree86-Mesa-libGLU version 4.3.0, update to a newer version. For XFree86-sdk version 4.3.0, update to a newer version.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

BDU:2015-04179

BDU:2015-04180

BDU:2015-04181

BDU:2015-04182

BDU:2015-06578

BDU:2015-06588

BDU:2015-06589

BDU:2015-06591

BDU:2015-06594

BDU:2015-06597

BDU:2015-06600

BDU:2015-06603

BDU:2015-06628

BDU:2015-06629

BDU:2015-06630

BDU:2015-06631

BDU:2015-06632

BDU:2015-06633

BDU:2015-06634

BDU:2015-06635

BDU:2015-06636

BDU:2015-06637

BDU:2015-06638

BDU:2015-06639

BDU:2015-06640

BDU:2015-06641

BDU:2015-06642

BDU:2015-06643

BDU:2015-06644

BDU:2015-06645

BDU:2015-06646

BDU:2015-06647

BDU:2015-06648

BDU:2015-06649

BDU:2015-06650

BDU:2015-06651

BDU:2015-06652

BDU:2015-06653

BDU:2015-06654

BDU:2015-06655

BDU:2015-06656

BDU:2015-06657

BDU:2015-09631

CVE-2008-2362

DSA-1595-1

DTSA-141-1

OPENSUSE-SU-2024:11525-1

RHSA-2008:0504

RHSA-2008_0504

Produtos afetados

Red Hat

Xfree86

Xorg-Server

Xorg-X11-Server

PT-2007-7519 · Xfree86+2 · Xfree86+3

CVE-2008-2362

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 166