CVE Vulnerabilities

CVE-2008-2361

Published: Jun 16, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.

Affected Software

Name Vendor Start Version End Version
X11 Xorg r7.3 r7.3
Red Hat Enterprise Linux 3 RedHat XFree86-0:4.3.0-128.EL *
Red Hat Enterprise Linux 4 RedHat xorg-x11-0:6.8.2-1.EL.33.0.4 *
Red Hat Enterprise Linux 5 RedHat xorg-x11-server-0:1.1.1-48.41.el5_2.1 *
Xorg-server Ubuntu dapper *
Xorg-server Ubuntu devel *
Xorg-server Ubuntu feisty *
Xorg-server Ubuntu gutsy *
Xorg-server Ubuntu hardy *
Xorg-server Ubuntu upstream *

References