Debian Security Advisory 1249-1 - Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation or denial of service.
ed5d69ac62299e4332a836ee6f8b8eb2430a4754a55340e4c65197ed22882f54
Mandriva Linux Security Advisory - Sean Larsson of iDefense Labs discovered several vulnerabilities in X.Org/XFree86.
97b35c6e735b8d6c0b2ff08fe7eaad461cfd42fdcc735462b8497e968ed446ca
iDefense Security Advisory - Local exploitation of a memory corruption vulnerability in the "ProcDbeSwapBuffers" function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. This vulnerability specifically lies within the DBE extension. Insufficient input validation exists when allocating memory for data structures. By sending a specially crafted X protocol request to the DBE extension, an attacker can cause an exploitable memory corruption condition. iDefense has confirmed the existence of this vulnerability in the X.Org server version 7.1-1.1.0. Previous versions may also be affected.
1c0f3d7a8d4c80341e8081cffa1b9e7a4a90fb00e6381eafc8321dc771916c7a
Ubuntu Security Notice 403-1 - The DBE and Render extensions in X.org were vulnerable to integer overflows, which could lead to memory overwrites. An authenticated user could make a specially crafted request and execute arbitrary code with root privileges.
8d8cb53782e2bfc00d93539ec3132f01e9ad6e46b2537922ea0a41e1eb46dee8