Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 8 FEDORA-2008-0760 (xorg-x11-server)

The remote host is missing an update to xorg-x11-server
announced via advisory FEDORA-2008-0760.

X.Org X11 X server

Update Information:

CVE-2007-5760: XFree86-Misc Extension Invalid Array Index Vulnerability
CVE-2007-5958: Xorg / XFree86 file existence disclosure vulnerability
CVE-2007-6427: XInput Extension Memory Corruption Vulnerability
CVE-2007-6428: TOG-CUP Extension Memory Corruption Vulnerability
CVE-2007-6429: EVI and MIT-SHM Extension Integer Overflow Vulnerability
CVE-2008-0006: PCF Font Vulnerability - this patch isn't strictly required with new version of libXfont.

Contains updated fix for MITSHM from ajax.

[ 1 ] Bug #429126 - CVE-2007-5958 CVE-2007-6429 CVE-2007-6429_MITSHM CVE-2007-6428 CVE-2007-6427 CVE-2007-5760 Multiple xorg-x11-server vulnerabilities [Fedora 8]
[ 2 ] Bug #391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability
[ 3 ] Bug #413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension
[ 4 ] Bug #413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension
[ 5 ] Bug #413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension
[ 6 ] Bug #413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension
[ 7 ] Bug #414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update xorg-x11-server'
at the command line. For more information, refer to Managing Software
with yum, available at

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-5760
BugTraq ID: 27336
BugTraq ID: 27354
Bugtraq: 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search)
Debian Security Information: DSA-1466 (Google Search)
OpenBSD Security Advisory: [4.1] 20080208 012: SECURITY FIX: February 8, 2008
OpenBSD Security Advisory: [4.2] 20080208 006: SECURITY FIX: February 8, 2008
SuSE Security Announcement: SUSE-SA:2008:003 (Google Search)
XForce ISS Database: xorg-xfree86misc-code-execution(39766)
Common Vulnerability Exposure (CVE) ID: CVE-2007-5958
BugTraq ID: 27356
HPdes Security Advisory: HPSBUX02381
HPdes Security Advisory: SSRT080083
SuSE Security Announcement: SUSE-SR:2008:008 (Google Search)
XForce ISS Database: xorg-xsp-information-disclosure(39769)
Common Vulnerability Exposure (CVE) ID: CVE-2007-6427
BugTraq ID: 27351
SuSE Security Announcement: SUSE-SR:2008:003 (Google Search)
XForce ISS Database: xorg-xinput-code-execution(39759)
Common Vulnerability Exposure (CVE) ID: CVE-2007-6428
BugTraq ID: 27355
XForce ISS Database: xorg-togcup-information-disclosure(39761)
Common Vulnerability Exposure (CVE) ID: CVE-2007-6429
BugTraq ID: 27350
BugTraq ID: 27353
XForce ISS Database: xorg-evi-bo(39763)
XForce ISS Database: xorg-mitshm-overflow(39764)
Common Vulnerability Exposure (CVE) ID: CVE-2008-0006
BugTraq ID: 27352
CERT/CC vulnerability note: VU#203220
XForce ISS Database: xorg-pcffont-bo(39767)
CopyrightCopyright (c) 2008 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2023 E-Soft Inc. All rights reserved.