CVE - CVE-2006-6101

CVE-ID
CVE-2006-6101	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1017495 URL:http://securitytracker.com/id?1017495 MISC:102803 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1~~ (Obsolete source) MISC:20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463 MISC:21968 URL:http://www.securityfocus.com/bid/21968 MISC:23633 URL:http://secunia.com/advisories/23633 MISC:23670 URL:http://secunia.com/advisories/23670 MISC:23684 URL:http://secunia.com/advisories/23684 MISC:23689 URL:http://secunia.com/advisories/23689 MISC:23698 URL:http://secunia.com/advisories/23698 MISC:23705 URL:http://secunia.com/advisories/23705 MISC:23758 URL:http://secunia.com/advisories/23758 MISC:23789 URL:http://secunia.com/advisories/23789 MISC:23966 URL:http://secunia.com/advisories/23966 MISC:24168 URL:http://secunia.com/advisories/24168 MISC:24210 URL:http://secunia.com/advisories/24210 MISC:24247 URL:http://secunia.com/advisories/24247 MISC:24401 URL:http://secunia.com/advisories/24401 MISC:25802 URL:http://secunia.com/advisories/25802 MISC:32084 URL:~~http://osvdb.org/32084~~ (Obsolete source) MISC:ADV-2007-0108 URL:~~http://www.vupen.com/english/advisories/2007/0108~~ (Obsolete source) MISC:ADV-2007-0109 URL:~~http://www.vupen.com/english/advisories/2007/0109~~ (Obsolete source) MISC:ADV-2007-0589 URL:~~http://www.vupen.com/english/advisories/2007/0589~~ (Obsolete source) MISC:ADV-2007-0669 URL:~~http://www.vupen.com/english/advisories/2007/0669~~ (Obsolete source) MISC:ADV-2007-2233 URL:~~http://www.vupen.com/english/advisories/2007/2233~~ (Obsolete source) MISC:DSA-1249 URL:https://www.debian.org/security/2007/dsa-1249 MISC:GLSA-200701-25 URL:http://security.gentoo.org/glsa/glsa-200701-25.xml MISC:HPSBUX02225 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01075678 MISC:MDKSA-2007:005 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:005~~ (Obsolete source) MISC:NetBSD-SA2007-002 URL:http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc MISC:RHSA-2007:0002 URL:http://www.redhat.com/support/errata/RHSA-2007-0002.html MISC:RHSA-2007:0003 URL:http://www.redhat.com/support/errata/RHSA-2007-0003.html MISC:SSA:2007-066-02 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555 MISC:SSRT071295 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01075678 MISC:SUSE-SA:2007:008 URL:http://www.novell.com/linux/security/advisories/2007_08_x.html MISC:USN-403-1 URL:http://www.ubuntu.com/usn/usn-403-1 MISC:[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions URL:http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html MISC:http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm MISC:http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm MISC:https://issues.rpath.com/browse/RPL-920 URL:https://issues.rpath.com/browse/RPL-920 MISC:oval:org.mitre.oval:def:10490 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490 MISC:xorg-xserver-render-overflow(31337) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/31337
Assigning CNA
Red Hat, Inc.
Date Record Created
20061124	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061124)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)