First published: Fri Jan 18 2008(Updated: )
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
X.Org Xserver | <=1.4 | |
X.org Evi | ||
X.org Mit-shm |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.