oval:org.mitre.oval:def:28652
| Definition Id: oval:org.mitre.oval:def:28652 | |||
| Oval ID: | oval:org.mitre.oval:def:28652 | ||
| Title: | RHSA-2014:1982 -- xorg-x11-server security update (Important) | ||
| Description: | X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102) All xorg-x11-server users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1982 CESA-2014:1982 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xorg-x11-server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15802 | |||
| Oval ID: | oval:org.mitre.oval:def:15802 | ||
| Title: | The operating system installed on the system is CentOS Linux 5.x | ||
| Description: | The operating system installed on the system is CentOS Linux 5.x | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:centos:centos:5 | Version: | 7 |
| Platform(s): | CentOS Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:28652 | |||
| Definition Id: oval:org.mitre.oval:def:11414 | |||
| Oval ID: | oval:org.mitre.oval:def:11414 | ||
| Title: | The operating system installed on the system is Red Hat Enterprise Linux 5 | ||
| Description: | The operating system installed on the system is Red Hat Enterprise Linux 5. | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:redhat:enterprise_linux:5 | Version: | 7 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:28652 | |||
