Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1379

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1379
Last Modified 07 Mar 2011 10:07:00
Published 16 Jun 2008 03:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-1379

Summary

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

Vulnerable Systems

Application

  • X11 R7.3


References

BID - 29669

CONFIRM - ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff

CONFIRM - https://issues.rpath.com/browse/RPL-2619

CONFIRM - https://issues.rpath.com/browse/RPL-2607

XF - xorg-fbshmputimage-information-disclosure(43016)

VUPEN - ADV-2008-3000

VUPEN - ADV-2008-1983

VUPEN - ADV-2008-1833

VUPEN - ADV-2008-1803

UBUNTU - USN-616-1

BUGTRAQ - 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs

BUGTRAQ - 20080620 rPSA-2008-0200-1 xorg-server

REDHAT - RHSA-2008:0503

MANDRIVA - MDVSA-2008:179

MANDRIVA - MDVSA-2008:116

MANDRIVA - MDVSA-2008:115

GENTOO - GLSA-200807-07

DEBIAN - DSA-1595

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm

CONFIRM - http://support.apple.com/kb/HT3438

SUNALERT - 238686

SECTRACK - 1020246

GENTOO - GLSA-200806-07

SECUNIA - 33937

SECUNIA - 32545

SECUNIA - 32099

SECUNIA - 31109

SECUNIA - 31025

SECUNIA - 30843

SECUNIA - 30809

SECUNIA - 30772

SECUNIA - 30715

SECUNIA - 30671

SECUNIA - 30666

SECUNIA - 30664

SECUNIA - 30659

SECUNIA - 30637

SECUNIA - 30630

SECUNIA - 30629

SECUNIA - 30628

SECUNIA - 30627

REDHAT - RHSA-2008:0512

REDHAT - RHSA-2008:0504

REDHAT - RHSA-2008:0502

SUSE - SUSE-SR:2008:019

SUSE - SUSE-SA:2008:027

MLIST - [xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions

APPLE - APPLE-SA-2009-02-12

IDEFENSE - 20080611 Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability

HP - SSRT080083

HP - HPSBUX02381

Related Patches

Apple 2009-02-12 Security Update 2009-001 Server (Tiger PPC)

Apple 2009-02-12 Security Update 2009-001 (Tiger PPC)

Apple 2009-02-12 Security Update 2009-001 Server (Tiger Intel)

Apple 2009-02-12 Security Update 2009-001 (Tiger Intel)

Novell SUSE 2008:5321 xorg-x11-Xnest security update for SLE 10 i586


Last Updated: 27 May 2016 10:47:28