Back to search
CVE-2008-2362
Published: Jun 16, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://issues.rpath.com/browse/RPL-2607
x_refsource_CONFIRM
29670
vdb-entry
x_refsource_BID
238686
vendor-advisory
x_refsource_SUNALERT
33937
third-party-advisory
x_refsource_SECUNIA
30664
third-party-advisory
x_refsource_SECUNIA
20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
mailing-list
x_refsource_BUGTRAQ
31025
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11246
vdb-entry
signature
x_refsource_OVAL
http://support.apple.com/kb/HT3438
x_refsource_CONFIRM
APPLE-SA-2009-02-12
vendor-advisory
x_refsource_APPLE
ADV-2008-1833
vdb-entry
x_refsource_VUPEN
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
x_refsource_CONFIRM
GLSA-200806-07
vendor-advisory
x_refsource_GENTOO
30715
third-party-advisory
x_refsource_SECUNIA
30666
third-party-advisory
x_refsource_SECUNIA
30627
third-party-advisory
x_refsource_SECUNIA
30637
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:116
vendor-advisory
x_refsource_MANDRIVA
1020245
vdb-entry
x_refsource_SECTRACK
ADV-2008-1803
vdb-entry
x_refsource_VUPEN
http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
x_refsource_CONFIRM
SUSE-SA:2008:027
vendor-advisory
x_refsource_SUSE
30772
third-party-advisory
x_refsource_SECUNIA
20080611 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
30659
third-party-advisory
x_refsource_SECUNIA
31109
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1983
vdb-entry
x_refsource_VUPEN
30671
third-party-advisory
x_refsource_SECUNIA
30809
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:179
vendor-advisory
x_refsource_MANDRIVA
[xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions
mailing-list
x_refsource_MLIST
RHSA-2008:0504
vendor-advisory
x_refsource_REDHAT
30843
third-party-advisory
x_refsource_SECUNIA
DSA-1595
vendor-advisory
x_refsource_DEBIAN
USN-616-1
vendor-advisory
x_refsource_UBUNTU
32099
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-2619
x_refsource_CONFIRM
SUSE-SR:2008:019
vendor-advisory
x_refsource_SUSE
20080620 rPSA-2008-0200-1 xorg-server
mailing-list
x_refsource_BUGTRAQ
30630
third-party-advisory
x_refsource_SECUNIA
GLSA-200807-07
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now