Debian DSA-1466-3 Critical: XFree86 Local Escalation Issues
debian
January 21, 2008
Several local vulnerabilities have been discovered in the X.Org X
server."regenrecht" discovered that missing input sanitising within
the XFree86-Misc extension may lead to...
Summary
For the reference the original advisory text below:
Several local vulnerabilities have been discovered in the X.Org X
server. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-5760
"regenrecht" discovered that missing input sanitising within
the XFree86-Misc extension may lead to local privilege escalation.
CVE-2007-5958
It was discovered that error messages of security policy file
handling may lead to a minor information leak disclosing the
existance of files otherwise unaccessible to the user.
CVE-2007-6427
"regenrecht" discovered that missing input sanitising within
the XInput-Misc extension may lead to local privilege escalation.
CVE-2007-6428
"regenrecht" discovered that missing input sanitising within
the TOG-CUP extension may lead to disclosure of memory contents.
CVE-2007-6429
"regenrecht" discovered that integer overflows in the EVI
and MIT-SHM extensions may lead to local pri...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!