Oval Definition:oval:org.mitre.oval:def:19332
Revision Date:2015-04-20Version:31
Title:HP-UX Running Xserver, Remote Execution of Arbitrary Code
Description:Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-6429
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02381
  • HP-UX B.11.31
  • AND Xserver.X11-SERV is installed
  • AND NOT Patch PHSS_38840 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02381
  • HP-UX B.11.23
  • AND filesets tests
  • URL: is installed
  • OR Xserver.X11-SERV is installed
  • AND NOT Patch PHSS_37972 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02381
  • HP-UX B.11.11
  • AND filesets tests
  • URL: is installed
  • OR Xserver.X11-SERV is installed
  • AND NOT Patch PHSS_34392 is installed
    • BACK