CVE-2008-1377

Vulnerability Description

The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-137
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721
• http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
• http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
• http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.htmlPatch
• http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
• http://rhn.redhat.com/errata/RHSA-2008-0502.htmlPatch
• http://rhn.redhat.com/errata/RHSA-2008-0504.html
• http://rhn.redhat.com/errata/RHSA-2008-0512.html
• http://secunia.com/advisories/30627Vendor Advisory
• http://secunia.com/advisories/30628Vendor Advisory
• http://secunia.com/advisories/30629Vendor Advisory
• http://secunia.com/advisories/30630Vendor Advisory
• http://secunia.com/advisories/30637Vendor Advisory