New Search

Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash) as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo which leads to an incorrect memory allocation due to a typo in an expression that uses a "" instead of a "*" operator. NOTE: the subject line of the original announcement used an incorrect CVE number for this issue.

oval:org.mitre.oval:def:11339

Postfix 2.1.3 when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2005-0337
Product(s):