Upstream information
Description
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
National Vulnerability Database | |
---|---|
Base Score | 5 |
Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Access Vector | Network |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | None |
Availability Impact | None |
SUSE Security Advisories:
- SUSE-SA:2008:003, published Thu, 17 Jan 2008 15:00:00 +0000
- SUSE-SR:2008:003, published Thu, 07 Feb 2008 18:00:00 +0000
- SUSE-SR:2008:008, published Fri, 04 Apr 2008 16:00:00 +0000
- TID7021676, published Sa 3. Mär 10:24:18 CET 2018
- TID7021823, published Sa 3. Mär 10:24:20 CET 2018
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA xorg-x11-server-sdk-7.4-27.105.1 |
SUSE Linux Enterprise Server 11 SP1 |
| Patchnames: SUSE Linux Enterprise Server 11 SP1 GA xorg-x11-Xvnc-7.4-27.19.19 |
SUSE Linux Enterprise Server 11 SP2 |
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA xorg-x11-Xvnc-7.4-27.60.5 |
SUSE Linux Enterprise Server 11 SP3 |
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA xorg-x11-Xvnc-7.4-27.81.7 |
SUSE Linux Enterprise Server 11 SP4 |
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA xorg-x11-Xvnc-7.4-27.105.1 SUSE Linux Enterprise Software Development Kit 11 SP4 GA xorg-x11-server-sdk-7.4-27.105.1 |
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024-11525 |
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 16:46:12 2013CVE page last modified: Tue Sep 3 18:12:40 2024