PublicDate: 2008-06-16 19:41:00 UTC
Candidate: CVE-2008-2361
References: 
 https://ubuntu.com/security/notices/USN-616-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361
Description:
 Integer overflow in the ProcRenderCreateCursor function in the Render
 extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent
 attackers to cause a denial of service (daemon crash) via unspecified
 request fields that are used to calculate a glyph buffer size, which
 triggers a dereference of unmapped memory.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_xorg-server:
 upstream: ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2361.diff
upstream_xorg-server: released
dapper_xorg-server: released (1:1.0.2-0ubuntu10.13)
feisty_xorg-server: released (2:1.2.0-3ubuntu8.4)
gutsy_xorg-server: released (2:1.3.0.0.dfsg-12ubuntu8.4)
hardy_xorg-server: released (2:1.4.1~git20080131-1ubuntu9.2)
devel_xorg-server: released (2:1.4.1~git20080131-1ubuntu12)