Unrated severityNVD Advisory· Published Jun 16, 2008· Updated Apr 23, 2026
CVE-2008-2362
CVE-2008-2362
Description
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
42- ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diffnvdPatch
- www.securityfocus.com/bid/29670nvdPatch
- secunia.com/advisories/30627nvdVendor Advisory
- secunia.com/advisories/30630nvdVendor Advisory
- secunia.com/advisories/30637nvdVendor Advisory
- secunia.com/advisories/30659nvdVendor Advisory
- secunia.com/advisories/30664nvdVendor Advisory
- secunia.com/advisories/30666nvdVendor Advisory
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
- lists.apple.com/archives/security-announce/2009/Feb/msg00000.htmlnvd
- lists.freedesktop.org/archives/xorg/2008-June/036026.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.htmlnvd
- rhn.redhat.com/errata/RHSA-2008-0504.htmlnvd
- secunia.com/advisories/30671nvd
- secunia.com/advisories/30715nvd
- secunia.com/advisories/30772nvd
- secunia.com/advisories/30809nvd
- secunia.com/advisories/30843nvd
- secunia.com/advisories/31025nvd
- secunia.com/advisories/31109nvd
- secunia.com/advisories/32099nvd
- secunia.com/advisories/33937nvd
- security.gentoo.org/glsa/glsa-200806-07.xmlnvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- support.apple.com/kb/HT3438nvd
- support.avaya.com/elmodocs2/security/ASA-2008-249.htmnvd
- wiki.rpath.com/wiki/Advisories:rPSA-2008-0201nvd
- www.debian.org/security/2008/dsa-1595nvd
- www.gentoo.org/security/en/glsa/glsa-200807-07.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/archive/1/493548/100/0/threadednvd
- www.securityfocus.com/archive/1/493550/100/0/threadednvd
- www.ubuntu.com/usn/usn-616-1nvd
- www.vupen.com/english/advisories/2008/1803nvd
- www.vupen.com/english/advisories/2008/1833nvd
- www.vupen.com/english/advisories/2008/1983/referencesnvd
- issues.rpath.com/browse/RPL-2607nvd
- issues.rpath.com/browse/RPL-2619nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246nvd
News mentions
0No linked articles in our index yet.