cpe:/a:x:x11:r7.3 CVE-2008-2362 2008-06-16T15:41:00.000-04:00 2017-09-28T21:31:08.367-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-06-17T11:55:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1020245 IDEFENSE 20080611 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability BUGTRAQ 20080620 rPSA-2008-0200-1 xorg-server BUGTRAQ 20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs SUNALERT 238686 BID 29670 SECUNIA 30627 SECUNIA 30630 SECUNIA 30637 SECUNIA 30659 SECUNIA 30664 SECUNIA 30666 SECUNIA 30671 SECUNIA 30715 SECUNIA 30772 SECUNIA 30809 SECUNIA 30843 SECUNIA 31025 SECUNIA 31109 SECUNIA 32099 SECUNIA 33937 VUPEN ADV-2008-1803 VUPEN ADV-2008-1833 VUPEN ADV-2008-1983 APPLE APPLE-SA-2009-02-12 DEBIAN DSA-1595 GENTOO GLSA-200806-07 GENTOO GLSA-200807-07 MANDRIVA MDVSA-2008:116 MANDRIVA MDVSA-2008:179 REDHAT RHSA-2008:0504 SUSE SUSE-SA:2008:027 SUSE SUSE-SR:2008:019 UBUNTU USN-616-1 MLIST [xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions CONFIRM ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff CONFIRM http://support.apple.com/kb/HT3438 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201 CONFIRM https://issues.rpath.com/browse/RPL-2607 CONFIRM https://issues.rpath.com/browse/RPL-2619 Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.