Description: | Description:
The remote host is missing an update to xorg-x11-server announced via advisory FEDORA-2008-0831.
CVE-2007-5760: XFree86-Misc Extension Invalid Array Index Vulnerability CVE-2007-5958: Xorg / XFree86 file existence disclosure vulnerability CVE-2007-6427: XInput Extension Memory Corruption Vulnerability CVE-2007-6428: TOG-CUP Extension Memory Corruption Vulnerability CVE-2007-6429: EVI and MIT-SHM Extension Integer Overflow Vulnerability CVE-2008-0006: PCF Font Vulnerability - this patch isn't strictly required with new version of libXfont.
This contains ajax's fixes for the MITSHM patch.
References: [ 1 ] Bug #429125 - CVE-2007-5958 CVE-2007-6429 CVE-2007-6429_MITSHM CVE-2007-6428 CVE-2007-6427 CVE-2007-5760 Multiple xorg-x11-server vulnerabilities [Fedora 7] https://bugzilla.redhat.com/show_bug.cgi?id=429125 [ 2 ] Bug #391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=391841 [ 3 ] Bug #413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension https://bugzilla.redhat.com/show_bug.cgi?id=413721 [ 4 ] Bug #413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension https://bugzilla.redhat.com/show_bug.cgi?id=413741 [ 5 ] Bug #413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension https://bugzilla.redhat.com/show_bug.cgi?id=413791 [ 6 ] Bug #413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension https://bugzilla.redhat.com/show_bug.cgi?id=413811 [ 7 ] Bug #414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension https://bugzilla.redhat.com/show_bug.cgi?id=414031
Solution: Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update xorg-x11-server' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-0831
Risk factor : Critical
CVSS Score: 9.3
|