PublicDate: 2006-05-02 21:06:00 UTC
Candidate: CVE-2006-1526
References:
 https://ubuntu.com/security/notices/USN-280-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526
Description:
 Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0
 up to allows attackers to cause a denial of service (crash), as
 demonstrated by the (1) XRenderCompositeTriStrip and (2)
 XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo,
 which leads to an incorrect memory allocation due to a typo in an
 expression that uses a "&" instead of a "*" operator. NOTE: the subject
 line of the original announcement used an incorrect CVE number for this
 issue.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_xorg-server: released (1.0.2-0ubuntu10.7)
edgy_xorg-server: released (1.1.1-0ubuntu12.2)
feisty_xorg-server: released (1.2.0-3ubuntu8)
devel_xorg-server: released (1.2.0-3ubuntu8)
dapper_xorg: not-affected
edgy_xorg: not-affected
feisty_xorg: not-affected
devel_xorg: not-affected
upstream_xorg: needs-triage
upstream_xorg-server: needs-triage