Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2005:396
HistorySep 13, 2005 - 6:53 p.m.

xorg security update

2005-09-1318:53:55
CentOS Project
lists.centos.org
54

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.026

Percentile

90.5%

JSON

CentOS Errata and Security Advisory CESA-2005:396

X.org is an open source implementation of the X Window System. It
provides the basic low-level functionality that full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.

Several integer overflow bugs were found in the way X.org parses pixmap
images. It is possible for a user to gain elevated privileges by loading a
specially crafted pixmap image. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2005-2495 to this issue.

Users of X.org should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-September/074320.html
https://lists.centos.org/pipermail/centos-announce/2005-September/074322.html
https://lists.centos.org/pipermail/centos-announce/2005-September/074323.html
https://lists.centos.org/pipermail/centos-announce/2005-September/074324.html

Affected packages:
xorg-x11
xorg-x11-Mesa-libGL
xorg-x11-Mesa-libGLU
xorg-x11-Xdmx
xorg-x11-Xnest
xorg-x11-Xvfb
xorg-x11-deprecated-libs
xorg-x11-deprecated-libs-devel
xorg-x11-devel
xorg-x11-doc
xorg-x11-font-utils
xorg-x11-libs
xorg-x11-sdk
xorg-x11-tools
xorg-x11-twm
xorg-x11-xauth
xorg-x11-xdm
xorg-x11-xfs

Upstream details at:
https://access.redhat.com/errata/RHSA-2005:396

OSVersionArchitecturePackageVersionFilename
CentOS4ia64xorg-x11< 6.8.2-1.EL.13.16xorg-x11-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-mesa-libgl< 6.8.2-1.EL.13.16xorg-x11-Mesa-libGL-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-mesa-libglu< 6.8.2-1.EL.13.16xorg-x11-Mesa-libGLU-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-xdmx< 6.8.2-1.EL.13.16xorg-x11-Xdmx-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-xnest< 6.8.2-1.EL.13.16xorg-x11-Xnest-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-xvfb< 6.8.2-1.EL.13.16xorg-x11-Xvfb-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-deprecated-libs< 6.8.2-1.EL.13.16xorg-x11-deprecated-libs-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-deprecated-libs-devel< 6.8.2-1.EL.13.16xorg-x11-deprecated-libs-devel-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-devel< 6.8.2-1.EL.13.16xorg-x11-devel-6.8.2-1.EL.13.16.ia64.rpm
CentOS4ia64xorg-x11-doc< 6.8.2-1.EL.13.16xorg-x11-doc-6.8.2-1.EL.13.16.ia64.rpm
Rows per page:
1-10 of 911

Related

nessus 37
centos 2
redhat 3
ubuntu 1
nvd 1
openvas 11
gentoo 1
cert 1
suse 1
securityvulns 1
cve 1
freebsd 1
ubuntucve 1
slackware 1
cvelist 1
debian 2
osv 1
nessus
nessus
RHEL 2.1 : XFree86 (RHSA-2005:329)
2005-09-13 00:00:00
Fedora Core 4 : xorg-x11-6.8.2-37.FC4.48.1 (2005-894)
2005-09-17 00:00:00
CentOS 3 : XFree86 (CESA-2005:501)
2006-07-03 00:00:00
centos
centos
XFree86 security update
2005-09-13 23:21:44
XFree86 security update
2005-09-15 10:48:27
redhat
redhat
(RHSA-2005:396) xorg-x11 security update
2005-09-13 00:00:00
(RHSA-2005:501) XFree86 security update
2005-09-15 00:00:00
(RHSA-2005:329) XFree86 security update
2005-09-12 00:00:00
ubuntu
ubuntu
X server vulnerability
2005-09-12 00:00:00
nvd
nvd
CVE-2005-2495
2005-09-15 20:03:00
openvas
openvas
FreeBSD Ports: XFree86-Server
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200509-07 (X.Org)
2008-09-24 00:00:00
SLES9: Security update for XFree86-server
2009-10-10 00:00:00
gentoo
gentoo
X.Org: Heap overflow in pixmap allocation
2005-09-12 00:00:00
cert
cert
Multiple X servers fail to properly allocate memory for large pixmaps
2005-09-13 00:00:00
suse
suse
remote command execution in XFree86-server,xorg-x11-server
2005-09-26 13:04:19
securityvulns
securityvulns
[Full-disclosure] [USN-182-1] X server vulnerability
2005-09-12 00:00:00
cve
cve
CVE-2005-2495
2005-09-15 20:03:00
freebsd
freebsd
X11 server -- pixmap allocation vulnerability
2005-09-12 00:00:00
ubuntucve
ubuntucve
CVE-2005-2495
2005-09-15 00:00:00
slackware
slackware
X.Org pixmap overflow
2005-09-26 10:43:04
cvelist
cvelist
CVE-2005-2495
2005-09-15 04:00:00
debian
debian
[SECURITY] [DSA 816-1] New XFree86 packages fix arbitrary code execution
2005-09-22 08:57:47
[SECURITY] [DSA 816-1] New XFree86 packages fix arbitrary code execution
2005-09-22 08:57:47
osv
osv
xfree86 - integer overflow
2005-09-19 00:00:00

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.026

Percentile

90.5%

JSON
Related for CESA-2005:396
nessus37centos2redhat3ubuntu1nvd1openvas11gentoo1cert1suse1securityvulns1cve1freebsd1ubuntucve1slackware1cvelist1debian2osv1