Sun Security Blog
Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

Multiple security vulnerabilities exist in the X11 FreeType library and X11 display servers Xsun(1) and Xorg(1).

The XC-MISC extension is used by the X11 display servers to manage resource IDs. Memory corruption in ProcXCMiscGetXIDList may allow a local or remote unprivileged user who is able to display data on a running X11 server instance to elevate their privileges to root and execute arbitrary code, or to cause a Denial of Service (DoS) to that X11 server instance.

This issue is described in the following documents:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

The X11 display servers contain a flaw that may allow a local or remote unprivileged user who is able to display data on a running X11 server instance to elevate their privileges to root and execute arbitrary code, or to cause a Denial of Service (DoS) to that X11 server instance, when a BDF font file specifies that there are more than 2^30 characters defined in the font file.

This issue is described in the following documents:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

The X11 FreeType library and X11 display servers contain a flaw that may allow a local or remote unprivileged user who is able to display data on a running X11 server instance to elevate their privileges to root and execute arbitrary code, or to cause a Denial of Service (DoS) to that X11 server instance, by causing the server to load a long path name in the fonts.dir file for a font.

This issue is described in the following documents:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

Avoidance: Patch
State: Resolved
First released: 25-Apr-2007
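The BDF character-count issue above is an integer overflow in a size calculation (per the CVE-2007-1351 description). The following added example, which is not Sun or X.Org code, shows the wraparound and a checked alternative; the 4-byte table entry, the 32-bit size arithmetic and the function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed (hypothetical) size of one per-character table entry: 4 bytes.
 * With 32-bit sizes, 2^30 entries * 4 bytes = 2^32, which wraps to 0. */
#define ENTRY_SIZE 4u

/* Unchecked 32-bit size computation: the result wraps modulo 2^32, so a
 * huge declared count yields a tiny allocation that later writes overrun. */
static uint32_t unchecked_table_bytes(uint32_t nchars)
{
    return nchars * ENTRY_SIZE;
}

/* Parse a BDF "CHARS <n>" line and compute the table size with a bound.
 * Returns 0 and stores the byte count on success, -1 if the line is
 * malformed or the count cannot be represented without overflow. */
static int checked_table_bytes(const char *line, uint32_t *bytes_out)
{
    char *end;
    unsigned long long n;

    if (strncmp(line, "CHARS ", 6) != 0)
        return -1;
    if (line[6] < '0' || line[6] > '9')      /* no sign, space or empty */
        return -1;
    errno = 0;
    n = strtoull(line + 6, &end, 10);
    if (errno != 0 || (*end != '\0' && *end != '\n'))
        return -1;
    if (n == 0 || n > UINT32_MAX / ENTRY_SIZE)   /* product must fit */
        return -1;
    *bytes_out = (uint32_t)n * ENTRY_SIZE;
    return 0;
}

int main(void)
{
    /* Constructed sample header lines, not taken from a real font. */
    const char *samples[] = { "CHARS 256", "CHARS 1073741824", "CHARS -1" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t bytes = 0;
        int rc = checked_table_bytes(samples[i], &bytes);
        printf("%-18s -> %s (bytes=%u)\n", samples[i],
               rc == 0 ? "accepted" : "rejected", (unsigned)bytes);
    }
    return 0;
}
```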
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102886_multiple_vulnerabilities