View Full Version : USN-514-1: X.org vulnerability

September 19th, 2007, 03:40 AM
Referenced CVEs:

================================================== ========= Ubuntu Security Notice USN-514-1 September 18, 2007 xorg-server vulnerability CVE-2007-4730 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: xserver-xorg-core 1:1.0.2-0ubuntu10.7 After a standard system upgrade you need to restart your session to affect the necessary changes. Details follow: Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges.

More... (http://www.ubuntu.com/usn/usn-514-1)