Vulnerability Details : CVE-2010-1166
The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2010-1166
- cpe:2.3:a:x:x.org:7.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-1166
0.90%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-1166
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.1
|
HIGH | AV:N/AC:H/Au:S/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2010-1166
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-1166
-
https://bugzilla.redhat.com/show_bug.cgi?id=495733
495733 – Xorg crashes with latest firefox
-
https://bugzilla.redhat.com/show_bug.cgi?id=582601
582601 – (CVE-2010-1166) CVE-2010-1166 Xorg: X server Render extension memory corruption
-
http://cgit.freedesktop.org/xorg/xserver/commit/?id=d2f813f7db
xorg/xserver - X server (mirrored from https://gitlab.freedesktop.org/xorg/xserver)Exploit;Patch
-
http://www.ubuntu.com/usn/USN-939-1
USN-939-1: X.org vulnerabilities | Ubuntu security notices
-
http://www.vupen.com/english/advisories/2010/1185
Webmail | OVH- OVH
-
https://rhn.redhat.com/errata/RHSA-2010-0382.html
RHSA-2010:0382 - Security Advisory - Red Hat Customer Portal
-
http://securitytracker.com/id?1023929
X.org Xserver mod() Calculation Error Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:014
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10112
Repository / Oval Repository
Jump to