Информационная безопасность
[RU] switch to English


Многочисленные целочисленные переполнения в X.org / XFree86 (integer overflow)
дополнено с 9 января 2007 г.
Опубликовано:10 января 2007 г.
Источник:
SecurityVulns ID:7024
Тип:локальная
Уровень опасности:
6/10
Описание:Целочисленные переполнения в расширениях DBE и Renderer
Затронутые продукты:XFREE : XFree86 4.3
 XFREE : XFree86 4.6
 X.ORG : X.org 6.8
 XFREE : XFree86 4.5
 XFREE : XFree86 4.4
CVE:CVE-2006-6103 (Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.)
 CVE-2006-6102 (Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.)
 CVE-2006-6101 (Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability (10.01.2007)
 documentIDEFENSE, iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability (10.01.2007)
 documentIDEFENSE, iDefense Security Advisory 01.09.07: Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability (10.01.2007)
 documentUBUNTU, [USN-403-1] X.org vulnerabilities (09.01.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород