Integer Overflow in Render Extension of X.Org and XFree86 Products
CVE-2006-6101

Currently unrated

Key Information:

Vendor: X.org
Status: X.org; Xfree86
Vendor: CVE Published:; 31 December 2006

What is CVE-2006-6101?

A vulnerability exists within the ProcRenderAddGlyphs function in the Render extension of X.Org and XFree86 products, which may allow local users to execute arbitrary code. This occurs due to an integer overflow that leads to memory corruption during the handling of glyph management data structures. Attackers can exploit this vulnerability by sending crafted X protocol requests, potentially compromising the system's integrity.

References

http://www.vupen.com/english/advisories/2007/0108

vdb-entryx_refsource_VUPEN

http://www.vupen.com/english/advisories/2007/0669

vdb-entryx_refsource_VUPEN

http://www.novell.com/linux/security/advisories/2007_08_x...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 31, 2006
Vulnerability Reserved
Nov 24, 2006

X.org

What is CVE-2006-6101?

References

Timeline