OSVDB ID: 32086

Title: Multiple Vendor DBE Extension ProcDbeSwapBuffers Function Memory Corruption

Info

Disclosure

Jan 09, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Private

Solution

Upgrade to version 7.2 RC3 or higher, as it has been reported to fix this vulnerability. It is also possible to temporarily work around the flaw by implementing the following workaround: Access to the vulnerable code can be prevented when the DBE extension is not built into the X binary. This can be accomplished by removing the entry for the DBE extension from your X server's configuration file, often stored in /etc/X11 and named xorg.conf or XF86Config-4. To do this, remove the following line from the 'Module' section: Load "DBE" This will prevent the render extension from loading, which may affect the appearance or operation of some applications.

Products

Unknown or Incomplete

References

Security Tracker: 1017495
CVE ID: 2006-6103 (see also: NVD)
Bugtraq ID: 21968
Secunia Advisory ID: 23633 23670 23684 23689 23698 23705 23758 23789 23966 24168 24210 24247 24401 25802 25802
SCIP VulDB ID: 2817
ISS X-Force ID: 31379
VUPEN Advisory: ADV-2007-0108 ADV-2007-0109 ADV-2007-0589 ADV-2007-0669 ADV-2007-2233
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0268.html
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.393555
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1
http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm
Vendor Specific Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm
Vendor Specific Solution URL: https://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c01075678
RedHat RHSA: RHSA-2007:0002 RHSA-2007:0003

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/32086