CVE-2008-2362

Name of the Vulnerable Software and Affected Versions XFree86-twm version 4.3.0 XFree86-devel version 4.3.0 XFree86-font-utils version 4.3.0 XFree86-ISO8859-9-75dpi-fonts version 4.3.0 XFree86-cyrillic-fonts version 4.3.0 xorg-x11-server-sdk version 1.1.1 XFree86-ISO8859-9-100dpi-fonts version 4.3.0 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-libs version 4.3.0 XFree86-tools version 4.3.0 xorg-x11-server-Xnest version 1.1.1 xorg-server versions prior to 1.3.0.0-r6 XFree86-syriac-fonts version 4.3.0 xorg-x11-server-Xdmx version 1.1.1 XFree86-75dpi-fonts version 4.3.0 XFree86-ISO8859-15-100dpi-fonts version 4.3.0 XFree86-base-fonts version 4.3.0 XFree86-doc version 4.3.0 XFree86-ISO8859-15-75dpi-fonts version 4.3.0 XFree86-xauth version 4.3.0 xorg-x11-Xvfb xorg-x11-server-Xorg version 1.1.1 xorg-x11-server version 1.1.1 xorg-x11-server-Xephyr version 1.1.1 XFree86-ISO8859-2-100dpi-fonts version 4.3.0 xorg-x11-Xvnc XFree86-xdm version 4.3.0 xorg-x11-server-Xvfb version 1.1.1 xorg-x11-server XFree86-xfs version 4.3.0 xorg-x11-server-randr-source version 1.1.1 XFree86-Xvfb version 4.3.0 XFree86-Mesa-libGL version 4.3.0 XFree86-libs-data version 4.3.0 XFree86-ISO8859-2-75dpi-fonts version 4.3.0 XFree86-ISO8859-14-100dpi-fonts version 4.3.0 XFree86 version 4.3.0 XFree86-Xnest version 4.3.0 XFree86-Mesa-libGLU version 4.3.0 XFree86-sdk version 4.3.0

Description The issue is related to multiple vulnerabilities in various packages of the XFree86 and xorg-x11-server software, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities are caused by multiple integer overflows in the Render extension in the X server, which can allow context-dependent attackers to execute arbitrary code via specific requests with invalid fields.

Recommendations For XFree86-twm version 4.3.0, update to a newer version. For XFree86-devel version 4.3.0, update to a newer version. For XFree86-font-utils version 4.3.0, update to a newer version. For XFree86-ISO8859-9-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-cyrillic-fonts version 4.3.0, update to a newer version. For xorg-x11-server-sdk version 1.1.1, update to a newer version. For XFree86-ISO8859-9-100dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-14-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-libs version 4.3.0, update to a newer version. For XFree86-tools version 4.3.0, update to a newer version. For xorg-x11-server-Xnest version 1.1.1, update to a newer version. For xorg-server versions prior to 1.3.0.0-r6, update to version 1.3.0.0-r6 or later. For XFree86-syriac-fonts version 4.3.0, update to a newer version. For xorg-x11-server-Xdmx version 1.1.1, update to a newer version. For XFree86-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-15-100dpi-fonts version 4.3.0, update to a newer version. For XFree86-base-fonts version 4.3.0, update to a newer version. For XFree86-doc version 4.3.0, update to a newer version. For XFree86-ISO8859-15-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-xauth version 4.3.0, update to a newer version. For xorg-x11-Xvfb, update to a newer version. For xorg-x11-server-Xorg version 1.1.1, update to a newer version. For xorg-x11-server version 1.1.1, update to a newer version. For xorg-x11-server-Xephyr version 1.1.1, update to a newer version. For XFree86-ISO8859-2-100dpi-fonts version 4.3.0, update to a newer version. For xorg-x11-Xvnc, update to a newer version. For XFree86-xdm version 4.3.0, update to a newer version. For xorg-x11-server-Xvfb version 1.1.1, update to a newer version. For xorg-x11-server, update to a newer version. For XFree86-xfs version 4.3.0, update to a newer version. For xorg-x11-server-randr-source version 1.1.1, update to a newer version. For XFree86-Xvfb version 4.3.0, update to a newer version. For XFree86-Mesa-libGL version 4.3.0, update to a newer version. For XFree86-libs-data version 4.3.0, update to a newer version. For XFree86-ISO8859-2-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-14-100dpi-fonts version 4.3.0, update to a newer version. For XFree86 version 4.3.0, update to a newer version. For XFree86-Xnest version 4.3.0, update to a newer version. For XFree86-Mesa-libGLU version 4.3.0, update to a newer version. For XFree86-sdk version 4.3.0, update to a newer version.