ID CVE-2008-1377
Summary The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
References
Vulnerable Configurations
  • cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:*
    cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 11-10-2018 - 20:32)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:01:44.981-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
family unix
id oval:org.mitre.oval:def:10109
status accepted
submitted 2010-07-09T03:56:16-04:00
title The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
version 31
redhat via4
advisories
  • rhsa
    id RHSA-2008:0502
  • rhsa
    id RHSA-2008:0503
  • rhsa
    id RHSA-2008:0504
  • rhsa
    id RHSA-2008:0512
rpms
  • XFree86-0:4.3.0-128.EL
  • XFree86-100dpi-fonts-0:4.3.0-128.EL
  • XFree86-75dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-14-100dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-14-75dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-15-100dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-15-75dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-2-100dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-2-75dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-9-100dpi-fonts-0:4.3.0-128.EL
  • XFree86-ISO8859-9-75dpi-fonts-0:4.3.0-128.EL
  • XFree86-Mesa-libGL-0:4.3.0-128.EL
  • XFree86-Mesa-libGLU-0:4.3.0-128.EL
  • XFree86-Xnest-0:4.3.0-128.EL
  • XFree86-Xvfb-0:4.3.0-128.EL
  • XFree86-base-fonts-0:4.3.0-128.EL
  • XFree86-cyrillic-fonts-0:4.3.0-128.EL
  • XFree86-devel-0:4.3.0-128.EL
  • XFree86-doc-0:4.3.0-128.EL
  • XFree86-font-utils-0:4.3.0-128.EL
  • XFree86-libs-0:4.3.0-128.EL
  • XFree86-libs-data-0:4.3.0-128.EL
  • XFree86-sdk-0:4.3.0-128.EL
  • XFree86-syriac-fonts-0:4.3.0-128.EL
  • XFree86-tools-0:4.3.0-128.EL
  • XFree86-truetype-fonts-0:4.3.0-128.EL
  • XFree86-twm-0:4.3.0-128.EL
  • XFree86-xauth-0:4.3.0-128.EL
  • XFree86-xdm-0:4.3.0-128.EL
  • XFree86-xfs-0:4.3.0-128.EL
  • xorg-x11-0:6.8.2-1.EL.33.0.4
  • xorg-x11-Mesa-libGL-0:6.8.2-1.EL.33.0.4
  • xorg-x11-Mesa-libGLU-0:6.8.2-1.EL.33.0.4
  • xorg-x11-Xdmx-0:6.8.2-1.EL.33.0.4
  • xorg-x11-Xnest-0:6.8.2-1.EL.33.0.4
  • xorg-x11-Xvfb-0:6.8.2-1.EL.33.0.4
  • xorg-x11-deprecated-libs-0:6.8.2-1.EL.33.0.4
  • xorg-x11-deprecated-libs-devel-0:6.8.2-1.EL.33.0.4
  • xorg-x11-devel-0:6.8.2-1.EL.33.0.4
  • xorg-x11-doc-0:6.8.2-1.EL.33.0.4
  • xorg-x11-font-utils-0:6.8.2-1.EL.33.0.4
  • xorg-x11-libs-0:6.8.2-1.EL.33.0.4
  • xorg-x11-sdk-0:6.8.2-1.EL.33.0.4
  • xorg-x11-tools-0:6.8.2-1.EL.33.0.4
  • xorg-x11-twm-0:6.8.2-1.EL.33.0.4
  • xorg-x11-xauth-0:6.8.2-1.EL.33.0.4
  • xorg-x11-xdm-0:6.8.2-1.EL.33.0.4
  • xorg-x11-xfs-0:6.8.2-1.EL.33.0.4
  • xorg-x11-server-Xdmx-0:1.1.1-48.41.el5_2.1
  • xorg-x11-server-Xephyr-0:1.1.1-48.41.el5_2.1
  • xorg-x11-server-Xnest-0:1.1.1-48.41.el5_2.1
  • xorg-x11-server-Xorg-0:1.1.1-48.41.el5_2.1
  • xorg-x11-server-Xvfb-0:1.1.1-48.41.el5_2.1
  • xorg-x11-server-debuginfo-0:1.1.1-48.41.el5_2.1
  • xorg-x11-server-sdk-0:1.1.1-48.41.el5_2.1
  • XFree86-0:4.1.0-88.EL
  • XFree86-100dpi-fonts-0:4.1.0-88.EL
  • XFree86-75dpi-fonts-0:4.1.0-88.EL
  • XFree86-ISO8859-15-100dpi-fonts-0:4.1.0-88.EL
  • XFree86-ISO8859-15-75dpi-fonts-0:4.1.0-88.EL
  • XFree86-ISO8859-2-100dpi-fonts-0:4.1.0-88.EL
  • XFree86-ISO8859-2-75dpi-fonts-0:4.1.0-88.EL
  • XFree86-ISO8859-9-100dpi-fonts-0:4.1.0-88.EL
  • XFree86-ISO8859-9-75dpi-fonts-0:4.1.0-88.EL
  • XFree86-Xnest-0:4.1.0-88.EL
  • XFree86-Xvfb-0:4.1.0-88.EL
  • XFree86-cyrillic-fonts-0:4.1.0-88.EL
  • XFree86-devel-0:4.1.0-88.EL
  • XFree86-doc-0:4.1.0-88.EL
  • XFree86-libs-0:4.1.0-88.EL
  • XFree86-tools-0:4.1.0-88.EL
  • XFree86-twm-0:4.1.0-88.EL
  • XFree86-xdm-0:4.1.0-88.EL
  • XFree86-xf86cfg-0:4.1.0-88.EL
  • XFree86-xfs-0:4.1.0-88.EL
refmap via4
apple APPLE-SA-2009-02-12
bugtraq
  • 20080620 rPSA-2008-0200-1 xorg-server
  • 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
confirm
debian DSA-1595
gentoo
  • GLSA-200806-07
  • GLSA-200807-07
hp
  • HPSBUX02381
  • SSRT080083
idefense 20080611 Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities
mandriva
  • MDVSA-2008:115
  • MDVSA-2008:116
mlist [xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions
sectrack 1020247
secunia
  • 30627
  • 30628
  • 30629
  • 30630
  • 30637
  • 30659
  • 30664
  • 30666
  • 30671
  • 30715
  • 30772
  • 30809
  • 30843
  • 31025
  • 31109
  • 32099
  • 32545
  • 33937
sunalert 238686
suse
  • SUSE-SA:2008:027
  • SUSE-SR:2008:019
ubuntu USN-616-1
vupen
  • ADV-2008-1803
  • ADV-2008-1833
  • ADV-2008-1983
  • ADV-2008-3000
Last major update 11-10-2018 - 20:32
Published 16-06-2008 - 19:41
Last modified 11-10-2018 - 20:32
Back to Top