ID CVE-2005-2495
Summary Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
References
Vulnerable Configurations
  • cpe:2.3:a:xfree86_project:xfree86:3.3.6
    cpe:2.3:a:xfree86_project:xfree86:3.3.6
  • cpe:2.3:a:xfree86_project:xfree86:4.0.0
    cpe:2.3:a:xfree86_project:xfree86:4.0.0
  • cpe:2.3:a:xfree86_project:xfree86:4.0.1
    cpe:2.3:a:xfree86_project:xfree86:4.0.1
  • cpe:2.3:a:xfree86_project:xfree86:4.0.2
    cpe:2.3:a:xfree86_project:xfree86:4.0.2
  • cpe:2.3:a:xfree86_project:xfree86:4.0.3
    cpe:2.3:a:xfree86_project:xfree86:4.0.3
  • cpe:2.3:a:xfree86_project:xfree86:4.1.0
    cpe:2.3:a:xfree86_project:xfree86:4.1.0
  • cpe:2.3:a:xfree86_project:xfree86:4.2.0
    cpe:2.3:a:xfree86_project:xfree86:4.2.0
  • cpe:2.3:a:xfree86_project:xfree86:4.2.1
    cpe:2.3:a:xfree86_project:xfree86:4.2.1
CVSS
Base: 5.1 (as of 15-09-2005 - 19:38)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2005-894.NASL
    description Updated xorg-x11 packages that fix several integer overflows, various bugs, are now available for Fedora Core 4. X.Org X11 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Several integer overflow bugs were found in the way X.Org X11 code parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Additionally, this update contains : - Support for some newer models of Intel i945 video chipsets. - A fix for a regression caused in the last Xorg update for Fedora Core 4, which resulted in some Matrox hardware to fail to initialize properly, which was introduced in the PCI config space access bugfix from the previous xorg-x11 update. The PCI config code has been updated now to handle BIOS related quirks of this nature, so this fix may also benefit users of some other brands of video hardware as well. - A fix for a memory leak in the X server's shadow framebuffer code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 19740
    published 2005-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19740
    title Fedora Core 4 : xorg-x11-6.8.2-37.FC4.48.1 (2005-894)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2005-893.NASL
    description Updated xorg-x11 packages that fix several integer overflows, various bugs, are now available for Fedora Core 3. X.Org X11 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Several integer overflow bugs were found in the way X.Org X11 code parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Additionally, this update contains : - Support for some newer models of Intel i945 video chipsets. - A change to the X server to make it use linux PCI config space access methods instead of directly touching the PCI config space registers itself. This prevents the X server from causing hardware lockups due accessing PCI config space at the same time the kernel has it locked. This is the latest revision of the PCI config space access patches, which fix a few regressions discovered on some hardware with previous patches. - A fix for a memory leak in the X server's shadow framebuffer code. - A problem with the Dutch keyboard layout has been resolved. - The open source 'nv' driver for Nvidia hardware has been updated to the latest version. Additionally, a workaround has been added to the driver to disable known unstable acceleration primitives on some GeForce 6200/6600/6800 models. - Several bugs have been fixed in the Xnest X server. - DRI is now enabled by default on all ATI Radeon hardware except for the Radeon 7000/Radeon VE chipsets, which is known to be unstable for many users currently when DRI is enabled. Radeon 7000 users can re-enable DRI if desired by using Option 'DRI' in the device section of the config file, with the understanding that we consider it unstable currently. - Added missing libFS.so and libGLw.so symlinks to the xorg-x11-devel package, which were inadvertently left out, causing apps to link to the static versions of these libraries. - Fix xfs.init 'fonts.dir: No such file or directory' errors A number of other issues have also been resolved. Please consult the xorg-x11 rpm changelog for a detailed list. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 19739
    published 2005-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19739
    title Fedora Core 3 : xorg-x11-6.8.2-1.FC3.45 (2005-893)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_32960.NASL
    description s700_800 11.23 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver.
    last seen 2019-01-16
    modified 2018-08-10
    plugin id 22177
    published 2006-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22177
    title HP-UX PHSS_32960 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_32965.NASL
    description s700_800 11.00 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver.
    last seen 2019-01-16
    modified 2018-08-10
    plugin id 22178
    published 2006-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22178
    title HP-UX PHSS_32965 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-182-1.NASL
    description A local privilege escalation vulnerability has been discovered in the pixmap allocation handling of the X server. By allocating a huge pixmap, a local user could trigger an integer overflow that resulted in a memory allocation that was too small for the requested pixmap. This resulted in a buffer overflow which could eventually be exploited to execute arbitrary code with full root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-08-15
    plugin id 20593
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20593
    title Ubuntu 4.10 / 5.04 : xorg, xfree86 vulnerabilities (USN-182-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 119060 patch-revision plugins, or deemed non-security related.
    last seen 2019-01-16
    modified 2018-07-30
    plugin id 22985
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22985
    title Solaris 10 (x86) : 119060-72 (deprecated)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-329.NASL
    description Updated XFree86 packages that fix several integer overflows are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. Several integer overflow bugs were found in the way XFree86 parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 19688
    published 2005-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19688
    title RHEL 2.1 : XFree86 (RHSA-2005:329)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059_46.NASL
    description X11 6.6.2: Xsun patch. This patch addresses IAVT 2009-T-0001.
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 82536
    published 2015-04-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82536
    title Solaris 10 (sparc) : 119059-46
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_118908.NASL
    description X11 6.7.0_x86: Xorg patch. Date this patch was last updated by Sun : Sep/23/08
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 23609
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23609
    title Solaris 9 (x86) : 118908-06
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 119059 patch-revision plugins, or deemed non-security related.
    last seen 2019-01-16
    modified 2018-07-30
    plugin id 22952
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22952
    title Solaris 10 (sparc) : 119059-73 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_108652.NASL
    description X11 6.4.1: Xsun patch. Date this patch was last updated by Sun : May/04/06
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23300
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23300
    title Solaris 8 (sparc) : 108652-98
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-816.NASL
    description Soren Sandmann discovered a bug in memory allocation for pixmap images, that can cause a crash of the X server or to execute arbitrary code. The update for the old stable distribution (woody) also contains a different correction for multiple vulnerabilities in libXpm ( DSA 607, CAN-2004-0914, Bug#309143), since the old fix contained a regression.
    last seen 2019-01-16
    modified 2018-07-20
    plugin id 19785
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19785
    title Debian DSA-816-1 : xfree86 - integer overflow
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_118966.NASL
    description X11 6.8.0_x86: Xorg patch. Date this patch was last updated by Sun : Feb/23/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 22984
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22984
    title Solaris 10 (x86) : 118966-25
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-164.NASL
    description A vulnerability was discovered in the pixmap allocation handling of the X server that can lead to local privilege escalation. By allocating a huge pixmap, a local user could trigger an integer overflow that resulted in a memory allocation that was too small for the requested pixmap, leading to a buffer overflow which could then be exploited to execute arbitrary code with full root privileges. The updated packages have been patched to address these issues.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 19919
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19919
    title Mandrake Linux Security Advisory : XFree86 (MDKSA-2005:164)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2005-269-02.NASL
    description New X.Org server packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue. An integer overflow in the pixmap handling code may allow the execution of arbitrary code through a specially crafted pixmap. Slackware 10.2 was patched against this vulnerability before its release, but new server packages are being issued for Slackware 10.2 and -current using an improved patch, as there were some bug reports using certain programs.
    last seen 2019-01-16
    modified 2018-08-09
    plugin id 19867
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19867
    title Slackware 10.0 / 10.1 / 10.2 / current : X.Org pixmap overflow (SSA:2005-269-02)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200509-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-200509-07 (X.Org: Heap overflow in pixmap allocation) X.Org is missing an integer overflow check during pixmap memory allocation. Impact : An X.Org user could exploit this issue to make the X server execute arbitrary code with elevated privileges. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-08-10
    plugin id 19686
    published 2005-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19686
    title GLSA-200509-07 : X.Org: Heap overflow in pixmap allocation
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_A863AA7424BE11DA8882000E0C33C2DC.NASL
    description Allocating large pixmaps by a client can trigger an integer overflow in the X server, potentially leading to execution of arbitrary code with elevated (root) privileges.
    last seen 2019-01-16
    modified 2018-12-19
    plugin id 21490
    published 2006-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21490
    title FreeBSD : X11 server -- pixmap allocation vulnerability (a863aa74-24be-11da-8882-000e0c33c2dc)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_32966.NASL
    description s700_800 11.11 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver.
    last seen 2019-01-16
    modified 2018-08-10
    plugin id 22179
    published 2006-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22179
    title HP-UX PHSS_32966 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-396.NASL
    description Updated X.org packages that fix several integer overflows are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. Several integer overflow bugs were found in the way X.org parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Users of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 19691
    published 2005-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19691
    title RHEL 4 : xorg-x11 (RHSA-2005:396)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060_45.NASL
    description X11 6.6.2_x86: Xsun patch. This patch addresses IAVT 2009-T-0001.
    last seen 2018-09-02
    modified 2018-07-30
    plugin id 82537
    published 2015-04-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82537
    title Solaris 10 (x86) : 119060-45
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-69.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Nov/15/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107301
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107301
    title Solaris 10 (sparc) : 119059-69
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-396.NASL
    description Updated X.org packages that fix several integer overflows are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. Several integer overflow bugs were found in the way X.org parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Users of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 21934
    published 2006-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21934
    title CentOS 4 : xorg-x11 (CESA-2005:396)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-501.NASL
    description Updated XFree86 packages that fix several integer overflows, various bugs, and add ATI RN50/ES1000 support are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Several integer overflow bugs were found in the way XFree86 parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Additionally this update adds the following new features in this release: - Support for ATI RN50/ES1000 chipsets has been added. The following bugs were also fixed in this release: - A problem with the X server's module loading system that led to cache incoherency on the Itanium architecture. - The X server's PCI config space accesses caused contention with the kernel if accesses occurred while the kernel lock was held. - X font server (xfs) crashed when accessing Type 1 fonts via showfont. - A problem with the X transport library prevented X applications from starting if the hostname started with a digit. - An issue where refresh rates were being restricted to 60Hz on some Intel i8xx systems Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 21833
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21833
    title CentOS 3 : XFree86 (CESA-2005:501)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-501.NASL
    description Updated XFree86 packages that fix several integer overflows, various bugs, and add ATI RN50/ES1000 support are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. Several integer overflow bugs were found in the way XFree86 parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue. Additionally this update adds the following new features in this release: - Support for ATI RN50/ES1000 chipsets has been added. The following bugs were also fixed in this release: - A problem with the X server's module loading system that led to cache incoherency on the Itanium architecture. - The X server's PCI config space accesses caused contention with the kernel if accesses occurred while the kernel lock was held. - X font server (xfs) crashed when accessing Type 1 fonts via showfont. - A problem with the X transport library prevented X applications from starting if the hostname started with a digit. - An issue where refresh rates were being restricted to 60Hz on some Intel i8xx systems Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 19712
    published 2005-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19712
    title RHEL 3 : XFree86 (RHSA-2005:501)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-72.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Mar/09/17
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107304
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107304
    title Solaris 10 (sparc) : 119059-72
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-70.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Jul/13/15
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107302
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107302
    title Solaris 10 (sparc) : 119059-70
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-64.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Sep/12/13
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107801
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107801
    title Solaris 10 (x86) : 119060-64
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-71.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Nov/12/15
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107303
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107303
    title Solaris 10 (sparc) : 119059-71
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-66.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Mar/15/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107300
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107300
    title Solaris 10 (sparc) : 119059-66
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-65.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Sep/12/13
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107299
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107299
    title Solaris 10 (sparc) : 119059-65
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-65.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Mar/15/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107802
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107802
    title Solaris 10 (x86) : 119060-65
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-69.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Jul/13/15
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107804
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107804
    title Solaris 10 (x86) : 119060-69
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-71.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Mar/09/17
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107806
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107806
    title Solaris 10 (x86) : 119060-71
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-70.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Nov/12/15
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107805
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107805
    title Solaris 10 (x86) : 119060-70
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-68.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Nov/15/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107803
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107803
    title Solaris 10 (x86) : 119060-68
oval via4
  • accepted 2006-05-03T10:06:00.000-04:00
    class vulnerability
    contributors
    name Robert L. Hollis
    organization ThreatGuard, Inc.
    description Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
    family unix
    id oval:org.mitre.oval:def:1044
    status accepted
    submitted 2006-02-12T01:16:00.000-04:00
    title Solaris Xsun Privilege Escalation via Pixmaps Vulnerability
    version 32
  • accepted 2013-04-29T04:20:42.488-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
    family unix
    id oval:org.mitre.oval:def:9615
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
    version 23
  • accepted 2006-05-03T10:06:00.000-04:00
    class vulnerability
    contributors
    name Robert L. Hollis
    organization ThreatGuard, Inc.
    description Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
    family unix
    id oval:org.mitre.oval:def:998
    status accepted
    submitted 2006-02-12T01:16:00.000-04:00
    title Solaris Xorg Privilege Escalation via Pixmaps Vulnerability
    version 31
redhat via4
advisories
  • rhsa
    id RHSA-2005:329
  • rhsa
    id RHSA-2005:396
  • rhsa
    id RHSA-2005:501
refmap via4
bid 14807
cert-vn VU#102441
confirm
debian DSA-816
fedora
  • FEDORA-2005-893
  • FEDORA-2005-894
  • FLSA:168264-2
gentoo GLSA-200509-07
hp
  • HPSBUX02137
  • SSRT051024
mandrake MDKSA-2005:164
osvdb 19352
sco SCOSA-2006.22
sectrack 1014887
secunia
  • 16777
  • 16790
  • 17044
  • 17215
  • 17258
  • 17278
  • 19624
  • 19796
  • 21318
sgi 20060403-01-U
sunalert
  • 101926
  • 101953
suse
  • SUSE-SA:2005:056
  • SUSE-SR:2005:023
trustix 2005-0049
ubuntu USN-182-1
vupen ADV-2006-3140
xf xorg-pixmap-bo(22244)
Last major update 07-12-2016 - 22:00
Published 15-09-2005 - 16:03
Last modified 19-10-2018 - 11:33
Back to Top