Описание
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
A divide-by-zero flaw was found in the way the X.Org server checked the dimensions of certain images. An attacker could potentially crash the X.Org server by tricking a suitable X application into displaying a specially crafted image file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | xorg-x11-server | Will not fix | ||
| Red Hat Enterprise Linux 7 | xorg-x11-server | Will not fix | ||
| Red Hat Enterprise Linux 6 | xorg-x11-server | Fixed | RHBA-2015:1445 | 22.07.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
2.3 Low
CVSS2
Связанные уязвимости
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserv ...
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
EPSS
2.3 Low
CVSS2