CVE-2008-1377 - RECORD and Security extensions memory corruption - ~kibi/xserver

diff options

author	Matthieu Herrb <matthieu.herrb@laas.fr>	2008-06-10 12:20:00 -0600
committer	Matthieu Herrb <matthieu@bluenote.herrb.net>	2008-06-11 08:06:09 -0600
commit	95d162c4389857d960da9b0158345c1714e91f31 (patch)
tree	f3f388c171e5e034146a0e4c481c8ca5264f6a0f /fb/fbgetsp.c
parent	656d5d98855eb608ec6581f8c574f343a216ea32 (diff)

CVE-2008-1377 - RECORD and Security extensions memory corruption

Lack of validation of the parameters of the SProcSecurityGenerateAuthorization SProcRecordCreateContext functions makes it possible for a specially crafted request to trigger the swapping of bytes outside the parameter of these requests, causing memory corruption.

Diffstat (limited to 'fb/fbgetsp.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: