~ubuntu-security/ubuntu-cve-tracker/master

Candidate: CVE-2007-6429
References: 
 https://bugs.freedesktop.org/attachment.cgi?id=13300 (testcase for 13519)
 https://bugs.freedesktop.org/attachment.cgi?id=13581 (patch for 13519)
 https://bugs.freedesktop.org/attachment.cgi?id=13178 (testcase for 13520)
 https://bugs.freedesktop.org/attachment.cgi?id=13099 (patch for 13520) 
 http://www.ubuntu.com/usn/usn-571-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429
PublicDate: 2008-01-18
Description:
 Multiple integer overflows in X.Org Xserver before 1.4.1 allow
 context-dependent attackers to execute arbitrary code via (1) a
 GetVisualInfo request containing a 32-bit value that is improperly used to
 calculate an amount of memory for allocation by the EVI extension, or (2) a
 request containing values related to pixmap size that are improperly used
 in management of shared memory by the MIT-SHM extension.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.freedesktop.org/show_bug.cgi?id=13519
 https://bugs.freedesktop.org/show_bug.cgi?id=13520
Priority: medium
Assigned-to: kees

upstream_xorg-server: pending
dapper_xorg-server: released (1:1.0.2-0ubuntu10.8)
edgy_xorg-server: released (1:1.1.1-0ubuntu12.3)
feisty_xorg-server: released (2:1.2.0-3ubuntu8.1)
gutsy_xorg-server: released (2:1.3.0.0.dfsg-12ubuntu8.1)
devel_xorg-server: released (2:1.4.1~git20080105-1ubuntu2)