PT-2010-2878 · X.Org+1 · X.Org X11R7.1+1
Olivier Fourdan
+1
·
Published
2010-04-28
·
Updated
2023-02-13
·
CVE-2010-1166
CVSS v2.0
7.1
High
| Vector | AV:N/AC:H/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
X.Org X11R7.1
Description
The issue is related to the fbComposite function in fbpict.c in the Render extension in the X server, which allows remote authenticated users to cause a denial of service, resulting in memory corruption and daemon crash, or possibly execute arbitrary code via a crafted request. This is due to an incorrect macro definition.
Recommendations
For X.Org X11R7.1, consider disabling the Render extension as a temporary workaround until a patch is available. Restrict access to the X server to minimize the risk of exploitation.
Exploit
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat
X.Org X11R7.1