Ubuntu Update For Xorg-server Vulnerabilities USN-939-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-939-1

Solution

Please Install the Updated Packages.

Insight

Lo&#239 c Minier discovered that xvfb-run did not correctly keep the X.org session cookie private. A local attacker could gain access to any local sessions started by xvfb-run. Ubuntu 9.10 was not affected. (CVE-2009-1573) It was discovered that the X.org server did not correctly handle certain calculations. A remote attacker could exploit this to crash the X.org session or possibly run arbitrary code with root privileges. (CVE-2010-1166)

Affected

xorg-server vulnerabilities on Ubuntu 8.04 LTS , Ubuntu 9.04 , Ubuntu 9.10

Severity

Classification

CVE CVE-2009-1573, CVE-2010-1166

CVSS	Base Score: 7.1 AV:N/AC:H/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for dhcp vulnerability USN-531-2
Ubuntu Update for curl vulnerability USN-484-1
Ubuntu Update for bind9 USN-1566-1
Ubuntu Update for cupsys vulnerabilities USN-563-1
Ubuntu Update for Firefox 3.0 and Xulrunner 1.9 vulnerabilities USN-895-1

Ubuntu Update for xorg-server vulnerabilities USN-939-1

Take action and discover your vulnerabilities