CVE-2008-1379 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2008-1379

CVE-2008-1379

June 16, 2008

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

Related Resources (53)

http://rhn.redhat.com/errata/RHSA-2008-0504.html

http://secunia.com/advisories/30666

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722

http://secunia.com/advisories/30628

http://secunia.com/advisories/30664

http://secunia.com/advisories/30809

http://support.apple.com/kb/HT3438

http://www.vupen.com/english/advisories/2008/1803

http://www.mandriva.com/security/advisories?name=MDVSA-2008:115

http://secunia.com/advisories/30637

http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm

http://www.mandriva.com/security/advisories?name=MDVSA-2008:116

http://www.securityfocus.com/bid/29669

http://www.debian.org/security/2008/dsa-1595

http://secunia.com/advisories/30843

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201

http://securitytracker.com/id?1020246

http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/43016

http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml

http://secunia.com/advisories/32099

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html

http://secunia.com/advisories/30627

http://secunia.com/advisories/31025

http://www.vupen.com/english/advisories/2008/1983/references

http://www.vupen.com/english/advisories/2008/1833

http://secunia.com/advisories/30629

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8966

https://issues.rpath.com/browse/RPL-2619

http://www.mandriva.com/security/advisories?name=MDVSA-2008:179

http://secunia.com/advisories/30671

http://secunia.com/advisories/30659

ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

http://secunia.com/advisories/30715

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321

http://secunia.com/advisories/31109

http://secunia.com/advisories/33937

http://rhn.redhat.com/errata/RHSA-2008-0512.html

https://issues.rpath.com/browse/RPL-2607

http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html

http://rhn.redhat.com/errata/RHSA-2008-0502.html

http://www.ubuntu.com/usn/usn-616-1

http://lists.freedesktop.org/archives/xorg/2008-June/036026.html

http://www.vupen.com/english/advisories/2008/3000

http://security.gentoo.org/glsa/glsa-200806-07.xml

http://www.redhat.com/support/errata/RHSA-2008-0503.html

http://secunia.com/advisories/30772

http://secunia.com/advisories/32545

http://www.securityfocus.com/archive/1/493550/100/0/threaded

http://secunia.com/advisories/30630

https://access.redhat.com/security/cve/CVE-2008-1379

http://www.securityfocus.com/archive/1/493548/100/0/threaded

Do you need more information?

CVSS v4

Base Score:

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

HIGH

Vulnerable System Integrity

NONE

Vulnerable System Availability

NONE

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

CVSS v2

Base Score:

6.8

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

EPSS

Base Score:

1.00

Products

Solutions

Resources

Company

Compare

Developer Tools