SecurityTracker.com
Category:   Application (Generic)  >   X
Vendors:   X.org
X Divide By Zero Error in Xrender Extension Lets Users Deny Service
SecurityTracker Alert ID:  1017984
SecurityTracker URL:  http://securitytracker.com/id/1017984
CVE Reference:   CVE-2007-2437
Updated:  May 4 2007
Original Entry Date:  May 1 2007
Impact:   Denial of service via local system, Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 7.0, 7.1, 7.2
Description:   A vulnerability was reported in X. A remote or local user can cause denial of service conditions.

A remote or local user with access to the Xserver can cause the target Xserver to crash. The user can supply specially crafted values to the Xrender extension's XRenderCompositeTrapezoids() and XRenderAddTraps() functions to trigger a divide by zero error.

Derek Abdine of Rapid7 discovered this vulnerability.

The original advisory is available at:

http://www.rapid7.com/advisories/R7-0027.jsp

Impact:   A remote or local user with access to the Xserver can cause the target Xserver to crash.
Solution:   The vendor plans to issue a fixed version (Xserver 1.3.1 for X 7.2).
Vendor URL:  www.x.org/
Cause:   State error
Underlying OS:   Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
May 4 2007 (Sun Describes Workaround) X Divide By Zero Error in Xrender Extension Lets Users Deny Service
Sun has described a workaround for Solaris 9 and 10.



 Source Message Contents

Date:  Mon, 30 Apr 2007 23:13:50 -0400
Subject:  X


> Denial-of-Service in the Xrender Extension's Trapezoid Drawing Routines

http://www.rapid7.com/advisories/R7-0027.jsp


 
 



Copyright 2014, SecurityGlobal.net LLC