FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

X11 server -- pixmap allocation vulnerability

Affected packages
XFree86-Server < 4.5.0_2
xorg-server < 6.8.2_5
6.8.99 < xorg-server < 6.8.99.12_1

Details

VuXML ID a863aa74-24be-11da-8882-000e0c33c2dc
Discovery 2005-09-12
Entry 2005-09-15

Allocating large pixmaps by a client can trigger an integer overflow in the X server, potentially leading to execution of arbitrary code with elevated (root) privileges.

References

Bugtraq ID 14807
CERT/CC Vulnerability Note 102441
CVE Name CVE-2005-2495
URL https://bugs.freedesktop.org/show_bug.cgi?id=594
URL https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166856