An input validation flaw was found in the X.org server"s XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service , or potentially execute arbitrary code with root privileges on the X.org server . A flaw was found in the X.org server"s XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user . A memory corruption flaw was found in the X.org server"s XInput extension that could allow a malicious authorized client to cause a denial of service or potentially execute arbitrary code with root privileges on the X.org server . An information disclosure flaw was found in the X.org server"s TOG-CUP extension that could allow a malicious authorized client to cause a denial of service or potentially view arbitrary memory content within the X.org server"s address space . Two integer overflow flaws were found in the X.org server"s EVI and MIT-SHM modules that could allow a malicious authorized client to cause a denial of service or potentially execute arbitrary code with the privileges of the X.org server . The updated packages have been patched to correct these issues.