CVE-2010-4818

Name of the Vulnerable Software and Affected Versions xorg-x11-server-Xorg version 1.7.7 xorg-x11-server-Xephyr version 1.7.7 xorg-x11-server-Xnest version 1.7.7 xorg-x11-server-Xdmx version 1.7.7 xorg-x11-server-devel version 1.7.7 xorg-x11-server-common version 1.7.7 xorg-x11-server-debuginfo version 1.7.7 xorg-x11-server-Xvfb version 1.7.7

Description The issue affects multiple packages of the xorg-x11-server, allowing remote authenticated users to cause a denial of service or possibly execute arbitrary code. This can be achieved through crafted requests to specific functions, such as those in glx/glxcmdsswap.c or glx/glxcmds.c, or by exploiting vulnerabilities in the screen field of a request. The exploitation can lead to a violation of confidentiality, integrity, and availability of protected information.

Recommendations For xorg-x11-server-Xorg version 1.7.7, consider disabling the vulnerable functions until a patch is available. For xorg-x11-server-Xephyr version 1.7.7, restrict access to the vulnerable modules to minimize the risk of exploitation. For xorg-x11-server-Xnest version 1.7.7, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For xorg-x11-server-Xdmx version 1.7.7, apply configuration changes to limit the impact of the vulnerability. For xorg-x11-server-devel version 1.7.7, xorg-x11-server-common version 1.7.7, xorg-x11-server-debuginfo version 1.7.7, and xorg-x11-server-Xvfb version 1.7.7, update to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.