Sun Security Blog
Security
|
01 Feb 2008
Sun Alert 103200 Multiple Security Vulnerabilities in the Solaris X Server Extensions May Lead to a Denial of Service (DoS) Condition or Allow Execution of Arbitrary Code
Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System Multiple security vulnerabilities exist in the X11 XInput, EVI, MIT SHM and XFree86-MISC extensions to the Solaris X11 display server (Xorg(1), Xsun(1), and the Solaris X11 print server (Xprt(1)). These vulnerabilities may allow a local or remote unprivileged user who is authorized via xhost(1) or xauth(1) to connect to the X server and execute arbitrary code with root privileges, access arbitrary memory within the X server's address space, or crash the X11 display server process. The ability to crash the X11 display server is a type of Denial of Service (DoS). These issues are described in the following documents: CVE-2007-6427 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 CVE-2007-6428 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 CVE-2007-6429 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 CVE-2007-5760 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 State: Resolved First released: 17-Jan-2008
Permalink
|
Comments [0]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_103200_multiple_security
Comments:
Post a Comment: |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
