Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
X.Org X server Render扩展 AllocateGlyph()函数整数溢出漏洞
Vulnerability Description
Xorg X Server是多个厂商操作系统中所捆绑的X窗口系统显示服务器。 X.Org X Server的Render扩展中的多个请求处理器会调用AllocateGlyph()函数,该函数从请求中获得多个值并相乘以计算所要分配的堆缓冲区内存。这个计算可能会出现整数溢出,最终导致堆溢出。如果攻击者能够访问控制台的话,就可以通过向受影响的X服务器发送命令触发这个溢出;如果将X服务器配置为监听基于TCP的客户端连接,且允许客户端通过xhosts文件创建会话,就可以远程利用这些漏洞。
CVSS Information
N/A
Vulnerability Type
N/A