Your submission was sent successfully! Close

CVE-2006-1526

Published: 2 May 2006

Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" instead of a "*" operator. NOTE: the subject line of the original announcement used an incorrect CVE number for this issue.

Priority

Unknown

Status

Package Release Status
xorg
Launchpad, Ubuntu, Debian
dapper Not vulnerable

edgy Not vulnerable

feisty Not vulnerable

upstream Needs triage

xorg-server
Launchpad, Ubuntu, Debian
dapper
Released (1.0.2-0ubuntu10.7)
edgy
Released (1.1.1-0ubuntu12.2)
feisty
Released (1.2.0-3ubuntu8)
upstream Needs triage