Sun Security Blog
Security
|
09 Apr 2009
Sun Alert 238686 Multiple Security Vulnerabilities in the Solaris X Server Extensions May lead to a Denial of Service (DoS) Condition or Allow Execution of Arbitrary Code
Product: Solaris 8 Operating System, Solaris 9 Operating System, Solaris 10 Operating System, OpenSolaris Multiple integer, heap and buffer overflow security vulnerabilities exist in the Render, RECORD, Security, and MIT-SHM Extensions to the Solaris X11 display server (Xorg(1) and Xsun(1)) and the Solaris X11 print server (Xprt(1)). These vulnerabilities may allow a local or remote unprivileged user who is authorized (via xhost(1) or xauth(1)) to connect to the X server and execute arbitrary code with root privileges, access arbitrary memory within the X server's address space, or crash the X11 display server process. The ability to crash the X11 display server is a type of Denial of Service (DoS). These issues are described in the following documents: CVE-2008-2360 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 CVE-2008-2361 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 CVE-2008-2362 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362 CVE-2008-1379 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 CVE-2008-1377 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 State: Resolved First released: 12-Jun-2008
Permalink
|
Comments [0]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_238686_multiple_security
Comments:
Post a Comment: |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
