CVE-2008-2360
published 2008-06-16CVE-2008-2360: Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute…
critical9CVSS 3.1
AVNACLAuSCCICAC
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xorg-server | < xorg-server 2:1.4.1~git20080517-2 (bookworm) | xorg-server 2:1.4.1~git20080517-2 (bookworm) |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x | x11 | — | — |
CVSS provenance
nvd9.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
osv9.0CRITICAL