Oval Definition:oval:org.mitre.oval:def:11246
Revision Date:2013-04-29Version:13
Title:Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
Description:Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-2362
Platform(s):CentOS Linux 5
Oracle Linux 5
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • xorg-x11-server-randr-source is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server-Xnest is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server-sdk is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.41.el5_2.1
  • OR xorg-x11-server-Xorg is earlier than 0:1.1.1-48.41.el5_2.1
    • BACK