Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| X.org | X.org | 6.8.2 | 6.8.2 |
| X.org | X.org | 7.1 | 7.1 |
| Xfree86 | Xfree86_project | * | * |
| X.org | X.org | 6.9.0 | 6.9.0 |
| X.org | X.org | 7.0 | 7.0 |