SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2008-1379

Date: (C)2008-06-16 (M)2023-12-22

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.0
Impact Score: 6.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: NONE
Availability: NONE

Reference:

SECTRACK-1020246

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722

http://www.securityfocus.com/archive/1/493548/100/0/threaded

http://www.securityfocus.com/archive/1/493550/100/0/threaded

SUNALERT-238686

APPLE-SA-2009-02-12

SUSE-SA:2008:027

SUSE-SR:2008:019

http://lists.freedesktop.org/archives/xorg/2008-June/036026.html

ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff

http://support.apple.com/kb/HT3438

http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201

https://issues.rpath.com/browse/RPL-2607

https://issues.rpath.com/browse/RPL-2619

oval:org.mitre.oval:def:8966

xorg-fbshmputimage-information-disclosure(43016)

oval:org.mitre.oval:def:8313
oval:org.secpod.oval:def:301595
oval:org.secpod.oval:def:301416

© SecPod Technologies