FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-2361

This CVE name corresponds to:

Entered Topic
2008-06-15 xorg -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2008-2361
Phase Assigned (20080521)

Description

Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.

References

Source Reference
IDEFENSE 20080611 Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability
BUGTRAQ 20080620 rPSA-2008-0200-1 xorg-server
BUGTRAQ 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions
CONFIRM ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2361.diff
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
CONFIRM https://issues.rpath.com/browse/RPL-2607
CONFIRM https://issues.rpath.com/browse/RPL-2619
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
CONFIRM http://support.apple.com/kb/HT3438
APPLE APPLE-SA-2009-02-12
DEBIAN DSA-1595
GENTOO GLSA-200806-07
GENTOO GLSA-200807-07
MANDRIVA MDVSA-2008:116
MANDRIVA MDVSA-2008:115
MANDRIVA MDVSA-2008:179
REDHAT RHSA-2008:0502
REDHAT RHSA-2008:0504
REDHAT RHSA-2008:0503
SUNALERT 238686
SUSE SUSE-SA:2008:027
SUSE SUSE-SR:2008:019
UBUNTU USN-616-1
BID 29665
OVAL oval:org.mitre.oval:def:8978
VUPEN ADV-2008-1803
VUPEN ADV-2008-1833
VUPEN ADV-2008-1983
SECTRACK 1020244
SECUNIA 30627
SECUNIA 30629
SECUNIA 30630
SECUNIA 30637
SECUNIA 30659
SECUNIA 30664
SECUNIA 30666
SECUNIA 30671
SECUNIA 30715
SECUNIA 30772
SECUNIA 30809
SECUNIA 30843
SECUNIA 31109
SECUNIA 32099
SECUNIA 31025
SECUNIA 33937