AIX 7.1 TL 2 : X11.base.rte (U862346)

high Nessus Plugin ID 77382

Synopsis

The remote AIX host is missing a vendor-supplied security patch.

Description

The remote host is missing AIX PTF U862346, which is related to the security of the package X11.base.rte.

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Solution

Install the appropriate missing security-related fix.

See Also

http://www-01.ibm.com/support/docview.wss?uid=isg1IV52186

Plugin Details

Severity: High

ID: 77382

File Name: aix_U862346.nasl

Version: 1.2

Type: local

Published: 8/26/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.1

Required KB Items: Host/local_checks_enabled, Host/AIX/oslevel, Host/AIX/version, Host/AIX/lslpp

Patch Publication Date: 11/18/2013

Vulnerability Publication Date: 11/18/2013