2.1

CVE-2006-1526

Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" instead of a "*" operator. NOTE: the subject line of the original announcement used an incorrect CVE number for this issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
X.OrgX11r6 Version6.7.0
X.OrgX11r6 Version6.8
X.OrgX11r6 Version6.8.1
X.OrgX11r6 Version6.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.51% 0.396
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.trustix.org/errata/2006/0024
http://lists.freedesktop.org/archives/xorg/2006-May/015136.html
Patch
http://secunia.com/advisories/19900
Patch
Vendor Advisory
http://secunia.com/advisories/19915
Patch
Vendor Advisory
http://secunia.com/advisories/19916
Patch
Vendor Advisory
http://secunia.com/advisories/19921
Patch
Vendor Advisory
http://secunia.com/advisories/19943
Patch
Vendor Advisory
http://secunia.com/advisories/19951
Patch
Vendor Advisory
http://secunia.com/advisories/19956
Patch
Vendor Advisory
http://secunia.com/advisories/19983
http://securitytracker.com/id?1016018
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102339-1
http://www.gentoo.org/security/en/glsa/glsa-200605-02.xml
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/633257
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:081
http://www.novell.com/linux/security/advisories/2006_05_03.html
Patch
Vendor Advisory
http://www.openbsd.org/errata38.html#xorg
http://www.redhat.com/support/errata/RHSA-2006-0451.html
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/436327/100/0/threaded
http://www.securityfocus.com/bid/17795
http://www.vupen.com/english/advisories/2006/1617
https://bugs.freedesktop.org/show_bug.cgi?id=6642
https://exchange.xforce.ibmcloud.com/vulnerabilities/26200
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9929
https://usn.ubuntu.com/280-1/