CVE

Id
31494  
CVE No.
CVE-2008-1377  
Status
Candidate  
Description
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.  
Phase
Assigned (20080318)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
337520 31494 CVE-2008-1377 IDEFENSE:20080611 Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities  View
337521 31494 CVE-2008-1377 URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721  View
337522 31494 CVE-2008-1377 BUGTRAQ:20080620 rPSA-2008-0200-1 xorg-server  View
337523 31494 CVE-2008-1377 URL:http://www.securityfocus.com/archive/1/archive/1/493548/100/0/threaded  View
337524 31494 CVE-2008-1377 BUGTRAQ:20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs  View
337525 31494 CVE-2008-1377 URL:http://www.securityfocus.com/archive/1/archive/1/493550/100/0/threaded  View
337526 31494 CVE-2008-1377 MLIST:[xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions  View
337527 31494 CVE-2008-1377 URL:http://lists.freedesktop.org/archives/xorg/2008-June/036026.html  View
337528 31494 CVE-2008-1377 CONFIRM:ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1377.diff  View
337529 31494 CVE-2008-1377 CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201  View
337530 31494 CVE-2008-1377 CONFIRM:https://issues.rpath.com/browse/RPL-2607  View
337531 31494 CVE-2008-1377 CONFIRM:https://issues.rpath.com/browse/RPL-2619  View
337532 31494 CVE-2008-1377 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm  View
337533 31494 CVE-2008-1377 CONFIRM:http://support.apple.com/kb/HT3438  View
337534 31494 CVE-2008-1377 APPLE:APPLE-SA-2009-02-12  View
337535 31494 CVE-2008-1377 URL:http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html  View
337536 31494 CVE-2008-1377 DEBIAN:DSA-1595  View
337537 31494 CVE-2008-1377 URL:http://www.debian.org/security/2008/dsa-1595  View
337538 31494 CVE-2008-1377 GENTOO:GLSA-200806-07  View
337539 31494 CVE-2008-1377 URL:http://security.gentoo.org/glsa/glsa-200806-07.xml  View
337540 31494 CVE-2008-1377 GENTOO:GLSA-200807-07  View
337541 31494 CVE-2008-1377 URL:http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml  View
337542 31494 CVE-2008-1377 HP:HPSBUX02381  View
337543 31494 CVE-2008-1377 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321  View
337544 31494 CVE-2008-1377 HP:SSRT080083  View
337545 31494 CVE-2008-1377 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321  View
337546 31494 CVE-2008-1377 MANDRIVA:MDVSA-2008:116  View
337547 31494 CVE-2008-1377 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:116  View
337548 31494 CVE-2008-1377 MANDRIVA:MDVSA-2008:115  View
337549 31494 CVE-2008-1377 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:115  View
337550 31494 CVE-2008-1377 REDHAT:RHSA-2008:0502  View
337551 31494 CVE-2008-1377 URL:http://rhn.redhat.com/errata/RHSA-2008-0502.html  View
337552 31494 CVE-2008-1377 REDHAT:RHSA-2008:0504  View
337553 31494 CVE-2008-1377 URL:http://rhn.redhat.com/errata/RHSA-2008-0504.html  View
337554 31494 CVE-2008-1377 REDHAT:RHSA-2008:0512  View
337555 31494 CVE-2008-1377 URL:http://rhn.redhat.com/errata/RHSA-2008-0512.html  View
337556 31494 CVE-2008-1377 REDHAT:RHSA-2008:0503  View
337557 31494 CVE-2008-1377 URL:http://www.redhat.com/support/errata/RHSA-2008-0503.html  View
337558 31494 CVE-2008-1377 SUNALERT:238686  View
337559 31494 CVE-2008-1377 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1  View
337560 31494 CVE-2008-1377 SUSE:SUSE-SA:2008:027  View
337561 31494 CVE-2008-1377 URL:http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html  View
337562 31494 CVE-2008-1377 SUSE:SUSE-SR:2008:019  View
337563 31494 CVE-2008-1377 URL:http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html  View
337564 31494 CVE-2008-1377 UBUNTU:USN-616-1  View
337565 31494 CVE-2008-1377 URL:http://www.ubuntu.com/usn/usn-616-1  View
337566 31494 CVE-2008-1377 OVAL:oval:org.mitre.oval:def:10109  View
337567 31494 CVE-2008-1377 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10109  View
337568 31494 CVE-2008-1377 SECUNIA:32545  View
337569 31494 CVE-2008-1377 URL:http://secunia.com/advisories/32545  View
337570 31494 CVE-2008-1377 VUPEN:ADV-2008-1803  View
337571 31494 CVE-2008-1377 URL:http://www.vupen.com/english/advisories/2008/1803  View
337572 31494 CVE-2008-1377 VUPEN:ADV-2008-1833  View
337573 31494 CVE-2008-1377 URL:http://www.vupen.com/english/advisories/2008/1833  View
337574 31494 CVE-2008-1377 VUPEN:ADV-2008-1983  View
337575 31494 CVE-2008-1377 URL:http://www.vupen.com/english/advisories/2008/1983/references  View
337576 31494 CVE-2008-1377 SECTRACK:1020247  View
337577 31494 CVE-2008-1377 URL:http://securitytracker.com/id?1020247  View
337578 31494 CVE-2008-1377 SECUNIA:30627  View
337579 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30627  View
337580 31494 CVE-2008-1377 SECUNIA:30628  View
337581 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30628  View
337582 31494 CVE-2008-1377 SECUNIA:30629  View
337583 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30629  View
337584 31494 CVE-2008-1377 SECUNIA:30630  View
337585 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30630  View
337586 31494 CVE-2008-1377 SECUNIA:30637  View
337587 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30637  View
337588 31494 CVE-2008-1377 SECUNIA:30659  View
337589 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30659  View
337590 31494 CVE-2008-1377 SECUNIA:30664  View
337591 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30664  View
337592 31494 CVE-2008-1377 SECUNIA:30666  View
337593 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30666  View
337594 31494 CVE-2008-1377 SECUNIA:30671  View
337595 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30671  View
337596 31494 CVE-2008-1377 SECUNIA:30715  View
337597 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30715  View
337598 31494 CVE-2008-1377 SECUNIA:30772  View
337599 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30772  View
337600 31494 CVE-2008-1377 SECUNIA:30809  View
337601 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30809  View
337602 31494 CVE-2008-1377 SECUNIA:30843  View
337603 31494 CVE-2008-1377 URL:http://secunia.com/advisories/30843  View
337604 31494 CVE-2008-1377 SECUNIA:31109  View
337605 31494 CVE-2008-1377 URL:http://secunia.com/advisories/31109  View
337606 31494 CVE-2008-1377 SECUNIA:32099  View
337607 31494 CVE-2008-1377 URL:http://secunia.com/advisories/32099  View
337608 31494 CVE-2008-1377 SECUNIA:31025  View
337609 31494 CVE-2008-1377 URL:http://secunia.com/advisories/31025  View
337610 31494 CVE-2008-1377 SECUNIA:33937  View
337611 31494 CVE-2008-1377 URL:http://secunia.com/advisories/33937  View
337612 31494 CVE-2008-1377 VUPEN:ADV-2008-3000  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
50280 JVNDB-2008-005590 ZoneMinder における任意のコマンドを実行される脆弱性 ZoneMinder には、任意のコマンドを実行される脆弱性が存在します。 CVE-2008-1381 31494 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005590.html  View