
Nortel Response to Sun Alert 238686 - Multiple Security Vulnerabilities in the Solaris X Server Extensions

Description: Sun Microsystems has recently issued Sun Alert 238686 - Multiple Security Vulnerabilities in the Solaris X Server Extensions. Some Nortel products contain the affected software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.

Sun Alert 238686 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-238686-1)

This bulletin addresses the following CVEs:

1) CVE-2008-2360 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.

2) CVE-2008-2361 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361
Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.

3) CVE-2008-2362 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.

4) CVE-2008-1379 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read
Type: Security Advisories
Number: 2008009148, Rev 1
Status: Retired
Date: 2009-03-31


Bulletin Downloads
Title: Nortel Response to Sun Alert 238686 - Multiple Security Vulnerabilities in the Solaris X Server Extensions
Extension: pdf
File Size: 22238 bytes
Language: English
Checksum: 7cce597b450146371efff60389aacbfc [MD5]




Associated Products
Bulletin temp product
CDMA Networks
Enterprise Network Management System
Media Gateway 9000
Media Processing Server (MPS) 100
Media Processing Server (MPS) 1000
Media Processing Server (MPS) 500
Multimedia Communication Server 5100
Optical Manager
Optical Manager Element Adapter
Optical Network Manager
 
Periphonics Common Channel Signaling Server (CCSS)
Periphonics Computer Telephony Extension (CTX)
Periphonics PeriToolsWorkstation
Periphonics Speech Platform
Preside Management for Metro Optical Networks
Self-Service Portfolio
Speech and Self-Service
Succession Multimedia Communications
Universal Access - AAL1
Universal Access - IP
VoIP Infrastructure Solutions