Jump to content

Advisories MDKSA-2007-005: Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities

paul

By paul
in Mandriva Security Advisories

 Share

Recommended Posts

paul Platinum

paul

Posted
Posted

Sean Larsson of iDefense Labs discovered several vulnerabilities in

X.Org/XFree86:

 

Local exploitation of a memory corruption vulnerability in the

'ProcRenderAddGlyphs()' function in the X.Org and XFree86 X server

could allow an attacker to execute arbitrary code with privileges of

the X server, typically root. (CVE-2006-6101)

 

Local exploitation of a memory corruption vulnerability in the

'ProcDbeGetVisualInfo()' function in the X.Org and XFree86 X server

could allow an attacker to execute arbitrary code with privileges of

the X server, typically root. (CVE-2006-6102)

 

Local exploitation of a memory corruption vulnerability in the

'ProcDbeSwapBuffers()' function in the X.Org and XFree86 X server could

allow an attacker to execute arbitrary code with privileges of the X

server, typically root. (CVE-2006-6103)

 

Updated packages are patched to address these issues.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...