Integer Overflow Vulnerability in X.Org and XFree86 Products
CVE-2006-6103

Currently unrated

Key Information:

Vendor: X.org
Status: X.org; Xfree86
Vendor: CVE Published:; 31 December 2006

What is CVE-2006-6103?

The integer overflow in the ProcDbeSwapBuffers function within the DBE extension of X.Org and XFree86 products allows local users to execute arbitrary code. This occurs due to memory corruption triggered by a crafted X protocol request, compromising the integrity of specified data structures. The flaw spans several product versions, enabling vulnerabilities in systems leveraging these graphical servers.

References

http://www.vupen.com/english/advisories/2007/0108

vdb-entryx_refsource_VUPEN

http://www.vupen.com/english/advisories/2007/0669

vdb-entryx_refsource_VUPEN

http://www.novell.com/linux/security/advisories/2007_08_x...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 31, 2006
Vulnerability Reserved
Nov 24, 2006

X.org

What is CVE-2006-6103?

References

Timeline