CVE-2010-1166 - OpenCVE

The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:H/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
X	X.org

Configuration 1 [-]

cpe:2.3:a:x:x.org:7.1:*:*:*:*:*:*:*

References

Link	Resource
http://cgit.freedesktop.org/xorg/xserver/commit/?id=d2f813f7db	Exploit Patch
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/39650	Vendor Advisory
http://secunia.com/advisories/39834
http://securitytracker.com/id?1023929
http://www.ubuntu.com/usn/USN-939-1
http://www.vupen.com/english/advisories/2010/1185
https://bugzilla.redhat.com/show_bug.cgi?id=495733
https://bugzilla.redhat.com/show_bug.cgi?id=582601
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10112
https://rhn.redhat.com/errata/RHSA-2010-0382.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2010-04-29T21:00:00

Updated: 2017-09-18T12:57:01

Reserved: 2010-03-29T00:00:00

Link: CVE-2010-1166

JSON object: View

NVD Information

Status : Modified

Published: 2010-04-29T21:30:00.480

Modified: 2023-02-13T04:17:28.727

Link: CVE-2010-1166

JSON object: View

Redhat Information

No data.

CWE

CWE-189

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-04-28T00:00:00", "descriptions": [{"lang": "en", "value": "The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2010:0382", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://rhn.redhat.com/errata/RHSA-2010-0382.html"}, {"name": "1023929", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023929"}, {"name": "39650", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39650"}, {"name": "39834", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39834"}, {"name": "oval:org.mitre.oval:def:10112", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10112"}, {"tags": ["x_refsource_MISC"], "url": "http://cgit.freedesktop.org/xorg/xserver/commit/?id=d2f813f7db"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495733"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=582601"}, {"name": "SUSE-SR:2010:014", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"name": "ADV-2010-1185", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1185"}, {"name": "USN-939-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-939-1"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1166", "datePublished": "2010-04-29T21:00:00", "dateReserved": "2010-03-29T00:00:00", "dateUpdated": "2017-09-18T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:x:x.org:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1940D46-DAAA-458E-8688-79CD65744721", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition."}, {"lang": "es", "value": "La funci\u00f3n fbComposite en fbpict.c en la extensi\u00f3n Render en el servidor de X en X.Org X11R7.1 permite a los usuarios remotos autenticados causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y cuelgue del demonio) o posiblemente ejecutar c\u00f3digo arbitrario mediante una petici\u00f3n manipulada, relacionado con una definici\u00f3n de macro incorrecta."}], "id": "CVE-2010-1166", "lastModified": "2023-02-13T04:17:28.727", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-29T21:30:00.480", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "http://cgit.freedesktop.org/xorg/xserver/commit/?id=d2f813f7db"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39650"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/39834"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1023929"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-939-1"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1185"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495733"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=582601"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10112"}, {"source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0382.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}