First published: Sun Dec 31 2006(Updated: )
Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/xorg-server | 2:1.20.4-1+deb10u4 2:1.20.4-1+deb10u9 2:1.20.11-1+deb11u6 2:21.1.7-3 2:21.1.8-1 | |
X Server (X.Org) | =6.8.2 | |
X Server (X.Org) | =6.9.0 | |
X Server (X.Org) | =7.0 | |
X Server (X.Org) | =7.1 | |
XFree86 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-6103 has a high severity rating due to its potential to allow local users to execute arbitrary code.
To fix CVE-2006-6103, it is recommended to update the X.Org Server to a patched version such as 2:1.20.4-1+deb10u9 or later.
CVE-2006-6103 affects versions 6.8.2, 6.9.0, 7.0, and 7.1 of X.Org, as well as certain versions of XFree86.
CVE-2006-6103 requires local access to exploit, making it less likely to be used in remote attacks.
Exploiting CVE-2006-6103 can lead to arbitrary code execution, potentially compromising system integrity and security.