SuSE Update For Xorg-x11,XFree86 SUSE-SA:2008:027 Network Vulnerability

Impact

local code execution

Solution

Please Install the Updated Packages.

Insight

Multiple vulnerabilities in the X.org X Server were reported by iDefense and fixed: - CVE-2008-2360 - RENDER Extension heap buffer overflow - CVE-2008-2361 - RENDER Extension crash - CVE-2008-2362 - RENDER Extension memory corruption - CVE-2008-1379 - MIT-SHM arbitrary memory read - CVE-2008-1377 - RECORD and Security extensions memory corruption Additionally the updated packages include fixes for: - XvReputImage crashes due to Nulled PortPriv-&gt pDraw - gnome-screensaver loses keyboard focus lock under compiz CVE-2007-3920

Affected

xorg-x11,XFree86 on openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SLE SDK 10 SP2, SUSE Linux Enterprise Server 10 SP1, SUSE Linux Enterprise Desktop 10 SP2, SUSE Linux Enterprise Server 10 SP2

References

http://www.novell.com/linux/security/advisories/2008_27_xorg.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-3920, CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SuSE Update for xorg-x11,XFree86 SUSE-SA:2008:027

Take action and discover your vulnerabilities