Debian DSA-1466-2 Critical: Xorg-Server Local Escalation Issues
debian
January 19, 2008
Ulf Harnhammer discovered that the HTML filter of the Horde web
application framework performed insufficient input sanitising, which
may lead to the deletion of emails if a user ...
Topics Covered
Summary
CVE-2007-5760
"regenrecht" discovered that missing input sanitising within
the XFree86-Misc extension may lead to local privilege escalation.
CVE-2007-5958
It was discovered that error messages of security policy file
handling may lead to a minor information leak disclosing the
existance of files otherwise unaccessible to the user.
CVE-2007-6427
"regenrecht" discovered that missing input sanitising within
the XInput-Misc extension may lead to local privilege escalation.
CVE-2007-6428
"regenrecht" discovered that missing input sanitising within
the TOG-CUP extension may lead to disclosure of memory contents.
CVE-2007-6429
"regenrecht" discovered that integer overflows in the EVI
and MIT-SHM extensions may lead to local privilege escalation.
CVE-2008-0006
It was discovered that insufficient validation of PCF fonts could lead
to local privilege escalation.
For the unstable distribution (sid), this problem has been fixed in
...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!