OVAL Reference oval:org.mitre.oval:def:11599

Oval Definition:

oval:org.mitre.oval:def:11599

Revision Date:	2013-04-29	Version:	11
Title:	The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
Description:	The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2007-4990
Platform(s):	CentOS Linux 3 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4	Product(s):
Definition Synopsis
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 OR CentOS Linux 3.x AND Configuration section XFree86-cyrillic-fonts is earlier than 0:4.3.0-126.EL OR XFree86-Xvfb is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-14-100dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-libs is earlier than 0:4.3.0-126.EL OR XFree86-75dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-truetype-fonts is earlier than 0:4.3.0-126.EL OR XFree86-twm is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-9-75dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-libs-data is earlier than 0:4.3.0-126.EL OR XFree86-doc is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-15-100dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-base-fonts is earlier than 0:4.3.0-126.EL OR XFree86-100dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-15-75dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-2-75dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-font-utils is earlier than 0:4.3.0-126.EL OR XFree86-Mesa-libGL is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-2-100dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-xdm is earlier than 0:4.3.0-126.EL OR XFree86-sdk is earlier than 0:4.3.0-126.EL OR XFree86 is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-9-100dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-Xnest is earlier than 0:4.3.0-126.EL OR XFree86-xfs is earlier than 0:4.3.0-126.EL OR XFree86-tools is earlier than 0:4.3.0-126.EL OR XFree86-syriac-fonts is earlier than 0:4.3.0-126.EL OR XFree86-ISO8859-14-75dpi-fonts is earlier than 0:4.3.0-126.EL OR XFree86-xauth is earlier than 0:4.3.0-126.EL OR XFree86-Mesa-libGLU is earlier than 0:4.3.0-126.EL OR XFree86-devel is earlier than 0:4.3.0-126.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 OR CentOS Linux 4.x OR Oracle Linux 4.x AND Configuration section xorg-x11-doc is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-libs is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-xauth is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-Mesa-libGLU is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-twm is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-Mesa-libGL is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-Xdmx is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-xfs is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-deprecated-libs-devel is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-devel is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-Xvfb is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-deprecated-libs is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-sdk is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-xdm is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-Xnest is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11 is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-font-utils is earlier than 0:6.8.2-1.EL.33.0.2 OR xorg-x11-tools is earlier than 0:6.8.2-1.EL.33.0.2

BACK