SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   X Vendors:   X.org
(Sun Describes Workaround) X Divide By Zero Error in Xrender Extension Lets Users Deny Service
SecurityTracker Alert ID:  1018004
SecurityTracker URL:  http://securitytracker.com/id/1018004
CVE Reference:   CVE-2007-2437   (Links to External Site)
Date:  May 4 2007
Impact:   Denial of service via local system, Denial of service via network
Vendor Confirmed:  Yes  
Version(s): 7.0, 7.1, 7.2
Description:   A vulnerability was reported in X. A remote or local user can cause denial of service conditions.

A remote or local user with access to the Xserver can cause the target Xserver to crash. The user can supply specially crafted values to the Xrender extension's XRenderCompositeTrapezoids() and XRenderAddTraps() functions to trigger a divide by zero error.

Derek Abdine of Rapid7 discovered this vulnerability.

The original advisory is available at:

http://www.rapid7.com/advisories/R7-0027.jsp

Impact:   A remote or local user with access to the Xserver can cause the target Xserver to crash.
Solution:   Sun has described a workaround in their advisory.

Sun is working on a fix.

The Sun advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102901-1

Vendor URL:  www.x.org/ (Links to External Site)
Cause:   State error
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  9, 10

Message History:   This archive entry is a follow-up to the message listed below.
May 1 2007 X Divide By Zero Error in Xrender Extension Lets Users Deny Service



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC