CVE-2008-1379

Name of the Vulnerable Software and Affected Versions XFree86-twm versions 4.1.0 through 4.3.0 XFree86-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-sdk version 4.3.0 XFree86-doc versions 4.1.0 through 4.3.0 XFree86-devel versions 4.1.0 through 4.3.0 XFree86-font-utils version 4.3.0 XFree86-xf86cfg versions 4.1.0 XFree86-ISO8859-9-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-15-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-cyrillic-fonts versions 4.1.0 through 4.3.0 xorg-x11-server-sdk version 1.1.1 xorg-x11-server-Xnest version 1.1.1 xorg-x11-server-Xdmx version 1.1.1 xorg-x11-server-Xorg version 1.1.1 xorg-x11-server version 1.1.1 xorg-x11-server-Xvfb version 1.1.1 xorg-x11-server-Xephyr version 1.1.1 xorg-x11-server-randr-source version 1.1.1 XFree86-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-Mesa-libGL version 4.3.0 XFree86-libs versions 4.1.0 through 4.3.0 XFree86-libs-data version 4.3.0 XFree86-xdm versions 4.1.0 through 4.3.0 XFree86-xfs versions 4.1.0 through 4.3.0 XFree86-Xvfb versions 4.1.0 through 4.3.0 XFree86-truetype-fonts version 4.3.0 XFree86-base-fonts version 4.3.0 XFree86-syriac-fonts version 4.3.0 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-ISO8859-2-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-2-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-9-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-15-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-tools versions 4.1.0 through 4.3.0

Description The issue is related to multiple vulnerabilities in various XFree86 and xorg-x11-server packages, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities exist in the MIT-SHM extension in the X server, allowing context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

Recommendations For XFree86-twm versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-sdk version 4.3.0, update to a version outside of this range. For XFree86-doc versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-devel versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-font-utils version 4.3.0, update to a version outside of this range. For XFree86-xf86cfg versions 4.1.0, update to a version outside of this range. For XFree86-ISO8859-9-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-15-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-cyrillic-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For xorg-x11-server-sdk version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xnest version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xdmx version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xorg version 1.1.1, update to a version outside of this range. For xorg-x11-server version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xvfb version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xephyr version 1.1.1, update to a version outside of this range. For xorg-x11-server-randr-source version 1.1.1, update to a version outside of this range. For XFree86-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Mesa-libGL version 4.3.0, update to a version outside of this range. For XFree86-libs versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-libs-data version 4.3.0, update to a version outside of this range. For XFree86-xdm versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-xfs versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Xvfb versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-truetype-fonts version 4.3.0, update to a version outside of this range. For XFree86-base-fonts version 4.3.0, update to a version outside of this range. For XFree86-syriac-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-14-75dpi-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-9-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-15-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-tools versions 4.1.0 through 4.3.0, update to a version outside of this range.