SecurityTracker.com
Category: Application (Generic) > X
Vendors: X.org
X Divide By Zero Error in Xrender Extension Lets Users Deny Service
SecurityTracker Alert ID: 1017984
SecurityTracker URL: http://securitytracker.com/id/1017984
CVE Reference: CVE-2007-2437
Updated: May 4 2007
Original Entry Date: May 1 2007
Impact: Denial of service via local system, Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 7.0, 7.1, 7.2
Description: A vulnerability was reported in X. A remote or local user can cause denial of service conditions.

A remote or local user with access to the Xserver can cause the target Xserver to crash. The user can supply specially crafted values to the Xrender extension's XRenderCompositeTrapezoids() and XRenderAddTraps() functions to trigger a divide by zero error.

Derek Abdine of Rapid7 discovered this vulnerability.

The original advisory is available at:

http://www.rapid7.com/advisories/R7-0027.jsp

Impact: A remote or local user with access to the Xserver can cause the target Xserver to crash.
Solution: The vendor plans to issue a fixed version (Xserver 1.3.1 for X 7.2).
Vendor URL: www.x.org/
Cause: State error
Underlying OS: Linux (Any), UNIX (Any)

Message History: This archive entry has one or more follow-up message(s) listed below.
May 4 2007 (Sun Describes Workaround) X Divide By Zero Error in Xrender Extension Lets Users Deny Service
Sun has described a workaround for Solaris 9 and 10.



Copyright 2021, SecurityGlobal.net LLC