CVE-2010-4819 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	3.6 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:P/I:N/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 22%

Affected Products (NVD)

Vendor	Product	Version
x	x.org-xserver	𝑥 ≤ 1.7.7
x	x.org-xserver	1.7
x	x.org-xserver	1.7.6.902
x	x.org-xserver	1.7.7:rc2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

xorg-server

bookworm	2:21.1.7-3+deb12u7 fixed
bookworm (security)	2:21.1.7-3+deb12u8 fixed
bullseye	2:1.20.11-1+deb11u13 fixed
bullseye (security)	2:1.20.11-1+deb11u14 fixed
lenny	no-dsa
sid	2:21.1.14-1 fixed
trixie	2:21.1.14-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

xorg-server

hardy	ignored
lucid	Fixed 2:1.7.6-2ubuntu7.8 released
maverick	not-affected
natty	not-affected
oneiric	not-affected

Red Hat Enterprise Linux Releases

Red Hat Product

Release

xorg-x11-server-Xdmx

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-Xephyr

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-Xnest

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-Xorg

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-Xvfb

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-common

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-devel

RHEL 6

0:1.7.7-29.el6_1.2

fixed

xorg-x11-server-source

RHEL 6

0:1.7.7-29.el6_1.2

fixed

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://aix.software.ibm.com/aix/efixes/security/X_advisory2.asc

http://cgit.freedesktop.org/xorg/xserver/commit/render/render.c?id=5725849a1b427cd4a72b84e57f211edb35838718

http://rhn.redhat.com/errata/RHSA-2011-1359.html

http://rhn.redhat.com/errata/RHSA-2011-1360.html

http://securitytracker.com/id?1026149

http://www.openwall.com/lists/oss-security/2011/09/22/8

http://www.openwall.com/lists/oss-security/2011/09/23/5

https://bugs.freedesktop.org/show_bug.cgi?id=28801

http://aix.software.ibm.com/aix/efixes/security/X_advisory2.asc

http://cgit.freedesktop.org/xorg/xserver/commit/render/render.c?id=5725849a1b427cd4a72b84e57f211edb35838718

http://rhn.redhat.com/errata/RHSA-2011-1359.html

http://rhn.redhat.com/errata/RHSA-2011-1360.html

http://securitytracker.com/id?1026149

http://www.openwall.com/lists/oss-security/2011/09/22/8

http://www.openwall.com/lists/oss-security/2011/09/23/5

https://bugs.freedesktop.org/show_bug.cgi?id=28801