Intrusion Prevention

X.Org.XRender.Extension.Buffer.Overflow

Description

A vulnerability has been identified in X.Org X11, which could be exploited by attackers to execute arbitrary commands. This flaw is due to a buffer overflow error in the XRender extension code that does not properly handle malformed "XRenderCompositeTriStrip" or "XRenderCompositeTriFan" requests, which could be exploited by malicious clients to compromise a vulnerable X server.

Affected Products

X.Org Server X11R7.0
X.Org Server X11R6.8.x
X.Org Server X11R6.9.0

Impact

Arbitrary command execution

CVE References

CVE-2006-1526