| Revision Date: | 2015-04-20 | Version: | 28 | | Title: | HP-UX Running X Font Server (xfs) Software, Local Denial of Service (DoS), Unauthorized Access | | Description: | The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2012-1699
| | Platform(s): | HP-UX 11
| Product(s): | | | Definition Synopsis | | Criteria meets HP Security Bulletin HPSBUX02829 HP-UX B.11.11
AND NOT Patch PHSS_43355 is installed
OR Criteria meets HP Security Bulletin HPSBUX02829
HP-UX B.11.23
AND NOT Patch PHSS_43202 is installed
OR Criteria meets HP Security Bulletin HPSBUX02829
HP-UX B.11.31
AND NOT Patch PHSS_43134 is installed
|
|