what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2008-116

Posted Jun 17, 2008

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An input validation flaw was found in X.org's Security and Record extensions. A malicious authorized client could exploit the issue to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server. Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. In addition, this update corrects a problem that could cause memory corruption or segfaults in the render code of the vnc server on Mandriva Linux 2008.1

tags | advisory, denial of service, overflow, arbitrary, root

systems | linux, mandriva

advisories | CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362

SHA-256 | 5ffea7cb2bcdc6377984292956c0256c79820cff0d71079514b6e9198832c821

Download | Favorite | View

Related Files

No related files