Note: This is an archival copy of Security Sun Alert 200246 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000193.1.
Article ID : 1000193.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2005-10-02
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability in XFree86 Server for JDS


Release Phase

Sun Java Desktop System Release 2

Bug Id

Date of Resolved Release


A security vulnerability in the XFree86(1) X server may allow a local unprivileged user the ability to execute arbitrary code with the privileges of the XFree86(1) X server due to an integer overflow in the X Pixmap (Xpm) format image file creation routines.

This issue is described in the following document:

Contributing Factors

This issue can occur in the following release:

Linux Platform

  • Sun Java Desktop System (JDS) Release 2 without the updated RPMs (patch 10490)


  1. Sun Java Desktop System (JDS) release 2003 is no longer under entitlement.
  2. This issue only occurs with XFree86 versions XFree86-server-4.3.0-136 or earlier on the Linux platform.

To determine the release of JDS for Linux installed on a system, the following command can be run:

    % cat /etc/sun-release
 Sun Java Desktop System, Release 2 -build 10b (GA)
 Assembled 30 March 2004

To determine the version of XFree86, the following command can be run:

    % rpm -qf /usr/X11R6/bin/XFree86



There are no predictable symptoms that would indicate the described issue has been exploited.


There is no workaround to this issue. Please see the Resolution section below.


This issue is addressed in the following release:

Linux Platform

  • Sun Java Desktop System (JDS) Release 2 with the updated RPMs (patch 10490)

To download and install the updated RPMs from the update servers, select the following sequence from the "launch" menu:

    Launch >> Applications >> System Tools >> Online Update

For more information on obtaining updates, please see:

This solution has no attachment