oval:org.mitre.oval:def:19727

Definition Id: oval:org.mitre.oval:def:19727

Oval ID:	oval:org.mitre.oval:def:19727
Title:	HP-UX Running Xserver, Remote Execution of Arbitrary Code
Description:	The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-1377	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02381 HP-UX B.11.31 AND Xserver.X11-SERV is installed AND NOT Patch PHSS_38840 is installed OR Criteria meets HP Security Bulletin HPSBUX02381 HP Release B.11.23 AND filesets tests URL: is installed AND Xserver.X11-SERV is installed AND NOT Patch PHSS_37972 is installed OR Criteria meets HP Security Bulletin HPSBUX02381 HP Release B.11.11 AND filesets tests URL: is installed AND Xserver.X11-SERV is installed AND NOT Patch PHSS_34392 is installed