FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-1379

This CVE name corresponds to:

Entered Topic
2008-06-15 xorg -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-1379 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-1379
Phase Assigned(20080318)

Description

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

References

Source Reference
IDEFENSE 20080611 Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability
BUGTRAQ 20080620 rPSA-2008-0200-1 xorg-server
BUGTRAQ 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions
CONFIRM ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
CONFIRM https://issues.rpath.com/browse/RPL-2607
CONFIRM https://issues.rpath.com/browse/RPL-2619
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
CONFIRM http://support.apple.com/kb/HT3438
APPLE APPLE-SA-2009-02-12
DEBIAN DSA-1595
GENTOO GLSA-200806-07
GENTOO GLSA-200807-07
HP HPSBUX02381
HP SSRT080083
MANDRIVA MDVSA-2008:116
MANDRIVA MDVSA-2008:115
MANDRIVA MDVSA-2008:179
REDHAT RHSA-2008:0502
REDHAT RHSA-2008:0504
REDHAT RHSA-2008:0512
REDHAT RHSA-2008:0503
SUNALERT 238686
SUSE SUSE-SA:2008:027
SUSE SUSE-SR:2008:019
UBUNTU USN-616-1
BID 29669
OVAL oval:org.mitre.oval:def:8966
SECUNIA 32545
VUPEN ADV-2008-1803
VUPEN ADV-2008-1833
VUPEN ADV-2008-1983
SECTRACK 1020246
SECUNIA 30627
SECUNIA 30628
SECUNIA 30629
SECUNIA 30630
SECUNIA 30637
SECUNIA 30659
SECUNIA 30664
SECUNIA 30666
SECUNIA 30671
SECUNIA 30715
SECUNIA 30772
SECUNIA 30809
SECUNIA 30843
SECUNIA 31109
SECUNIA 32099
SECUNIA 31025
SECUNIA 33937
VUPEN ADV-2008-3000
XF xorg-fbshmputimage-information-disclosure(43016)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.