CVE-2008-2361
published 2008-06-16CVE-2008-2361: Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to…
medium6.8CVSS 3.1
AVNACLAuSCNINAC
Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xorg-server | < xorg-server 2:1.4.1~git20080517-2 (bookworm) | xorg-server 2:1.4.1~git20080517-2 (bookworm) |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080517-2 | 2:1.4.1~git20080517-2 |
| xorg | x11 | — | — |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:C
osv6.8MEDIUM