Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Производитель ПО
Наименование ПО
Xserver
(B.11.11, B.11.23, B.11.31)
Описание
Уязвимость при обработке целочисленных типов в функции ProcRenderAddGlyphs в Render extension в X.Org и сервере XFree86 X позволяет локальным пользователям выполнить произвольный код, используя специально сформированный запрос X protocol, который вызывает ошибку при работе с памятью при обработке glyph management data structures.
Как исправить
Для устранения уязвимости необходимо установить последнюю версию продукта, соответствующую используемой платформе. Необходимую информацию можно получить по адресу:
http://xforce.iss.net/xforce/xfdb/31337
http://xforce.iss.net/xforce/xfdb/31337
Ссылки
IDEFENSE (20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability): http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463
MLIST ([x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions): http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html
UBUNTU (USN-403-1): http://www.ubuntu.com/usn/usn-403-1
https://issues.rpath.com/browse/RPL-920
MANDRIVA (MDKSA-2007:005): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:005
REDHAT (RHSA-2007:0002): http://www.redhat.com/support/errata/RHSA-2007-0002.html
REDHAT (RHSA-2007:0003): http://www.redhat.com/support/errata/RHSA-2007-0003.html
BID (21968): http://www.securityfocus.com/bid/21968
FRSIRT (ADV-2007-0108): http://www.frsirt.com/english/advisories/2007/0108
FRSIRT (ADV-2007-0109): http://www.frsirt.com/english/advisories/2007/0109
SECTRACK (1017495): http://securitytracker.com/id?1017495
XF (xorg-xserver-render-overflow(31337)): http://xforce.iss.net/xforce/xfdb/31337
DEBIAN (DSA-1249): http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00004.html
SUSE (SUSE-SA:2007:008): http://www.novell.com/linux/security/advisories/2007_08_x.html
http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm
GENTOO (GLSA-200701-25): http://security.gentoo.org/glsa/glsa-200701-25.xml
SLACKWARE (SSA:2007-066-02): http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555
SUNALERT (102803): http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1
FRSIRT (ADV-2007-0589): http://www.frsirt.com/english/advisories/2007/0589
FRSIRT (ADV-2007-0669): http://www.frsirt.com/english/advisories/2007/0669
MLIST ([x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions): http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html
UBUNTU (USN-403-1): http://www.ubuntu.com/usn/usn-403-1
https://issues.rpath.com/browse/RPL-920
MANDRIVA (MDKSA-2007:005): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:005
REDHAT (RHSA-2007:0002): http://www.redhat.com/support/errata/RHSA-2007-0002.html
REDHAT (RHSA-2007:0003): http://www.redhat.com/support/errata/RHSA-2007-0003.html
BID (21968): http://www.securityfocus.com/bid/21968
FRSIRT (ADV-2007-0108): http://www.frsirt.com/english/advisories/2007/0108
FRSIRT (ADV-2007-0109): http://www.frsirt.com/english/advisories/2007/0109
SECTRACK (1017495): http://securitytracker.com/id?1017495
XF (xorg-xserver-render-overflow(31337)): http://xforce.iss.net/xforce/xfdb/31337
DEBIAN (DSA-1249): http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00004.html
SUSE (SUSE-SA:2007:008): http://www.novell.com/linux/security/advisories/2007_08_x.html
http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm
GENTOO (GLSA-200701-25): http://security.gentoo.org/glsa/glsa-200701-25.xml
SLACKWARE (SSA:2007-066-02): http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555
SUNALERT (102803): http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1
FRSIRT (ADV-2007-0589): http://www.frsirt.com/english/advisories/2007/0589
FRSIRT (ADV-2007-0669): http://www.frsirt.com/english/advisories/2007/0669