CVE Vulnerabilities

CVE-2008-2362

Published: Jun 16, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.

Affected Software

Name Vendor Start Version End Version
X11 X r7.3 r7.3
Red Hat Enterprise Linux 5 RedHat xorg-x11-server-0:1.1.1-48.41.el5_2.1 *
Xorg-server Ubuntu dapper *
Xorg-server Ubuntu devel *
Xorg-server Ubuntu feisty *
Xorg-server Ubuntu gutsy *
Xorg-server Ubuntu hardy *
Xorg-server Ubuntu upstream *

References