CVE-2004-0094

Name of the Vulnerable Software and Affected Versions XFree86 version 4.1.0 xlibosmesa3-dbg (affected versions not specified) xlib6g-dev (affected versions not specified) xfonts-pex (affected versions not specified) xlibosmesa3 (affected versions not specified) xlib6g (affected versions not specified)

Description The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including xlibosmesa3-dbg, xlib6g-dev, xfonts-pex, xlibosmesa3, and xlib6g. These vulnerabilities can be exploited remotely, potentially leading to a breach of confidentiality, integrity, and availability of protected information. Specifically, integer signedness errors in XFree86 4.1.0 can allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).

Recommendations For XFree86 version 4.1.0, consider upgrading to a newer version to mitigate the risk. For xlibosmesa3-dbg, xlib6g-dev, xfonts-pex, xlibosmesa3, and xlib6g, at the moment, there is no information about a newer version that contains a fix for this vulnerability.