• info
• discussion
• exploit
• solution
• references

X.Org X server RENDER Extension Multiple Integer Overflow Vulnerabilities

Solution:
The vendor has released a fix. Please see the references for more information.


Mandriva Linux Mandrake 2008.0 x86_64

• Mandriva lib64metisse1-0.4.0-1.rc4.10.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64metisse1-devel-0.4.0-1.rc4.10.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-0.4.0-1.rc4.10.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-fvwm-2.5.20-1.rc4.10.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva x11-server-xmetisse-0.4.0-1.rc4.10.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/

Sun Solaris 8_sparc

• Sun 119067-10
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -119067-10-1

Mandriva Linux Mandrake 2008.0

• Mandriva libmetisse1-0.4.0-1.rc4.10.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libmetisse1-devel-0.4.0-1.rc4.10.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-0.4.0-1.rc4.10.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-fvwm-2.5.20-1.rc4.10.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva x11-server-xmetisse-0.4.0-1.rc4.10.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2008.1 x86_64

• Mandriva lib64metisse1-0.4.0-1.rc4.10.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64metisse1-devel-0.4.0-1.rc4.10.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-0.4.0-1.rc4.10.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-fvwm-2.5.20-1.rc4.10.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva x11-server-xmetisse-0.4.0-1.rc4.10.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2008.1

• Mandriva libmetisse1-0.4.0-1.rc4.10.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libmetisse1-devel-0.4.0-1.rc4.10.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-0.4.0-1.rc4.10.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva metisse-fvwm-2.5.20-1.rc4.10.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva x11-server-xmetisse-0.4.0-1.rc4.10.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/

Sun Solaris 10_x86

• Sun 119060-43
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -119060-43-1


• Sun 125720-23
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -125720-23-1

X.org xorg-server 1.4.1

• X.org xorg-xserver-1.4-cve-2008-2362.diff
  ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cv e-2008-2362.diff