• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Common Desktop Environment DTLogin XDMCP Parser Remote Double Free Vulnerability

It has been reported that a double free vulnerability exists in the dtlogin process of CDE. This issue presents itself due to the free() function being called on the same allocated chunk of memory more than once. This problem occurs prior to any authorization.

Successful exploitation of this issue could lead to the corruption of an arbitrary location in memory, ultimately allowing for the attacker to control the execution flow of the affected process.