Impact
local code execution
Solution
Please Install the Updated Packages.
Insight
Multiple vulnerabilities in the X.org X Server were reported by iDefense and fixed:
- CVE-2008-2360 - RENDER Extension heap buffer overflow - CVE-2008-2361 - RENDER Extension crash
- CVE-2008-2362 - RENDER Extension memory corruption - CVE-2008-1379 - MIT-SHM arbitrary memory read
- CVE-2008-1377 - RECORD and Security extensions memory corruption
Additionally the updated packages include fixes for:
- XvReputImage crashes due to Nulled PortPriv->
pDraw
- gnome-screensaver loses keyboard focus lock under compiz CVE-2007-3920
Affected
xorg-x11,XFree86 on openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SLE SDK 10 SP2, SUSE Linux Enterprise Server 10 SP1, SUSE Linux Enterprise Desktop 10 SP2, SUSE Linux Enterprise Server 10 SP2
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-3920, CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities