CVE-2008-2362 - Vulnerability Details

Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux
X	X11

Configuration 1 [-]

cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
xorg-x11-server-0:1.1.1-48.41.el5_2.1	cpe:/o:redhat:enterprise_linux:5	RHSA-2008:0504	2008-06-11T00:00:00Z

References

Link	Providers
ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://rhn.redhat.com/errata/RHSA-2008-0504.html
http://secunia.com/advisories/30627
http://secunia.com/advisories/30630
http://secunia.com/advisories/30637
http://secunia.com/advisories/30659
http://secunia.com/advisories/30664
http://secunia.com/advisories/30666
http://secunia.com/advisories/30671
http://secunia.com/advisories/30715
http://secunia.com/advisories/30772
http://secunia.com/advisories/30809
http://secunia.com/advisories/30843
http://secunia.com/advisories/31025
http://secunia.com/advisories/31109
http://secunia.com/advisories/32099
http://secunia.com/advisories/33937
http://security.gentoo.org/glsa/glsa-200806-07.xml
http://securitytracker.com/id?1020245
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
http://www.debian.org/security/2008/dsa-1595
http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:116
http://www.mandriva.com/security/advisories?name=MDVSA-2008:179
http://www.securityfocus.com/archive/1/493548/100/0/threaded
http://www.securityfocus.com/archive/1/493550/100/0/threaded
http://www.securityfocus.com/bid/29670
http://www.ubuntu.com/usn/usn-616-1
http://www.vupen.com/english/advisories/2008/1803
http://www.vupen.com/english/advisories/2008/1833
http://www.vupen.com/english/advisories/2008/1983/references
https://issues.rpath.com/browse/RPL-2607
https://issues.rpath.com/browse/RPL-2619
https://nvd.nist.gov/vuln/detail/CVE-2008-2362
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246
https://www.cve.org/CVERecord?id=CVE-2008-2362

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2008-06-16T19:00:00

Updated: 2024-08-07T08:58:02.043Z

Reserved: 2008-05-21T00:00:00

Link: CVE-2008-2362

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-06-16T19:41:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2362

Redhat

Severity : Important

Publid Date: 2008-06-11T00:00:00Z

Links: CVE-2008-2362 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-11T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2607"}, {"name": "29670", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29670"}, {"name": "238686", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1"}, {"name": "33937", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33937"}, {"name": "30664", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30664"}, {"name": "20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/493550/100/0/threaded"}, {"name": "31025", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31025"}, {"name": "oval:org.mitre.oval:def:11246", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3438"}, {"name": "APPLE-SA-2009-02-12", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"name": "ADV-2008-1833", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1833"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201"}, {"name": "GLSA-200806-07", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200806-07.xml"}, {"name": "30715", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30715"}, {"name": "30666", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30666"}, {"name": "30627", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30627"}, {"name": "30637", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30637"}, {"name": "MDVSA-2008:116", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:116"}, {"tags": ["x_refsource_CONFIRM"], "url": "ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff"}, {"name": "1020245", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1020245"}, {"name": "ADV-2008-1803", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1803"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm"}, {"name": "SUSE-SA:2008:027", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html"}, {"name": "30772", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30772"}, {"name": "20080611 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720"}, {"name": "30659", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30659"}, {"name": "31109", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31109"}, {"name": "ADV-2008-1983", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1983/references"}, {"name": "30671", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30671"}, {"name": "30809", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30809"}, {"name": "MDVSA-2008:179", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:179"}, {"name": "[xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.freedesktop.org/archives/xorg/2008-June/036026.html"}, {"name": "RHSA-2008:0504", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2008-0504.html"}, {"name": "30843", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30843"}, {"name": "DSA-1595", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1595"}, {"name": "USN-616-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-616-1"}, {"name": "32099", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32099"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2619"}, {"name": "SUSE-SR:2008:019", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html"}, {"name": "20080620 rPSA-2008-0200-1 xorg-server", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/493548/100/0/threaded"}, {"name": "30630", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30630"}, {"name": "GLSA-200807-07", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-2362", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://issues.rpath.com/browse/RPL-2607", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2607"}, {"name": "29670", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29670"}, {"name": "238686", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1"}, {"name": "33937", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33937"}, {"name": "30664", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30664"}, {"name": "20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493550/100/0/threaded"}, {"name": "31025", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31025"}, {"name": "oval:org.mitre.oval:def:11246", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246"}, {"name": "http://support.apple.com/kb/HT3438", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3438"}, {"name": "APPLE-SA-2009-02-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"name": "ADV-2008-1833", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1833"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201"}, {"name": "GLSA-200806-07", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200806-07.xml"}, {"name": "30715", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30715"}, {"name": "30666", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30666"}, {"name": "30627", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30627"}, {"name": "30637", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30637"}, {"name": "MDVSA-2008:116", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:116"}, {"name": "ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff", "refsource": "CONFIRM", "url": "ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff"}, {"name": "1020245", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1020245"}, {"name": "ADV-2008-1803", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1803"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm"}, {"name": "SUSE-SA:2008:027", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html"}, {"name": "30772", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30772"}, {"name": "20080611 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720"}, {"name": "30659", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30659"}, {"name": "31109", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31109"}, {"name": "ADV-2008-1983", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1983/references"}, {"name": "30671", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30671"}, {"name": "30809", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30809"}, {"name": "MDVSA-2008:179", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:179"}, {"name": "[xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions", "refsource": "MLIST", "url": "http://lists.freedesktop.org/archives/xorg/2008-June/036026.html"}, {"name": "RHSA-2008:0504", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2008-0504.html"}, {"name": "30843", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30843"}, {"name": "DSA-1595", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1595"}, {"name": "USN-616-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-616-1"}, {"name": "32099", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32099"}, {"name": "https://issues.rpath.com/browse/RPL-2619", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2619"}, {"name": "SUSE-SR:2008:019", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html"}, {"name": "20080620 rPSA-2008-0200-1 xorg-server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493548/100/0/threaded"}, {"name": "30630", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30630"}, {"name": "GLSA-200807-07", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:02.043Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2607"}, {"name": "29670", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29670"}, {"name": "238686", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1"}, {"name": "33937", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33937"}, {"name": "30664", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30664"}, {"name": "20080621 rPSA-2008-0201-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/493550/100/0/threaded"}, {"name": "31025", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31025"}, {"name": "oval:org.mitre.oval:def:11246", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3438"}, {"name": "APPLE-SA-2009-02-12", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"name": "ADV-2008-1833", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1833"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201"}, {"name": "GLSA-200806-07", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200806-07.xml"}, {"name": "30715", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30715"}, {"name": "30666", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30666"}, {"name": "30627", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30627"}, {"name": "30637", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30637"}, {"name": "MDVSA-2008:116", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:116"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff"}, {"name": "1020245", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1020245"}, {"name": "ADV-2008-1803", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1803"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm"}, {"name": "SUSE-SA:2008:027", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html"}, {"name": "30772", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30772"}, {"name": "20080611 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720"}, {"name": "30659", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30659"}, {"name": "31109", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31109"}, {"name": "ADV-2008-1983", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1983/references"}, {"name": "30671", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30671"}, {"name": "30809", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30809"}, {"name": "MDVSA-2008:179", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:179"}, {"name": "[xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.freedesktop.org/archives/xorg/2008-June/036026.html"}, {"name": "RHSA-2008:0504", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2008-0504.html"}, {"name": "30843", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30843"}, {"name": "DSA-1595", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1595"}, {"name": "USN-616-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-616-1"}, {"name": "32099", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32099"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2619"}, {"name": "SUSE-SR:2008:019", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html"}, {"name": "20080620 rPSA-2008-0200-1 xorg-server", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/493548/100/0/threaded"}, {"name": "30630", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30630"}, {"name": "GLSA-200807-07", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-2362", "datePublished": "2008-06-16T19:00:00", "dateReserved": "2008-05-21T00:00:00", "dateUpdated": "2024-08-07T08:58:02.043Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:*", "matchCriteriaId": "1F156D71-455F-4B66-9E0C-E8A085B8206A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de entero en la extensi\u00f3n Render en el servidor X 1.4 de X.Org X11R7.3 permite a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, o (3) SProcRenderCreateConicalGradient con un campo inv\u00e1lido especificando el n\u00famero de bytes a intercambiar en la petici\u00f3n de datos, lo cual dispara una corrupci\u00f3n de memoria en mont\u00edculo."}], "id": "CVE-2008-2362", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-06-16T19:41:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff"}, {"source": "secalert@redhat.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720"}, {"source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"source": "secalert@redhat.com", "url": "http://lists.freedesktop.org/archives/xorg/2008-June/036026.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2008-0504.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30627"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30630"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30637"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30659"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30664"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30666"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30671"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30715"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30772"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30809"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30843"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/31025"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/31109"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32099"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33937"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200806-07.xml"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1020245"}, {"source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1"}, {"source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3438"}, {"source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm"}, {"source": "secalert@redhat.com", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1595"}, {"source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:116"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:179"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/493548/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/493550/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/29670"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-616-1"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/1803"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/1833"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/1983/references"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2607"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2619"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.freedesktop.org/archives/xorg/2008-June/036026.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2008-0504.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30627"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30630"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30637"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30659"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30664"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30666"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30671"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30715"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30772"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30809"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30843"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32099"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200806-07.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020245"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1595"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:116"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:179"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493548/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493550/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/29670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-616-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1803"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1833"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1983/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2607"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2619"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object