oss-sec mailing list archives

Re: CVE Request: X.org ProcRenderGlyps input sanitation issue

From: Josh Bressers <bressers () redhat com>
Date: Fri, 23 Sep 2011 14:41:54 -0400 (EDT)

Please use CVE-2010-4819

Thanks.

-- 
    JB

----- Original Message -----

Hi,

Also from 2010 and me () halfdog net and the x.org bugtracker:

https://bugs.freedesktop.org/show_bug.cgi?id=28801

Adam in comment #c2 thinks this might just discloses memory
but could not overwrite arbitrary x server memory ...
However the comment #c0 has a x.org server crash, so I am unsure
about code execution possibilities.

Needs one 2010 CVE id I guess.

Ciao, Marcus

Current thread:

CVE Request: X.org ProcRenderGlyps input sanitation issue Marcus Meissner (Sep 22)
- Re: CVE Request: X.org ProcRenderGlyps input sanitation issue Josh Bressers (Sep 23)