|
Note: This is an archival copy of Security Sun Alert 200246 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000193.1. |
Category Security Release Phase Resolved Sun Java Desktop System Release 2 Bug Id 6331304 Date of Resolved Release 03-OCT-2005 Impact A security vulnerability in the XFree86(1) X server may allow a local unprivileged user the ability to execute arbitrary code with the privileges of the XFree86(1) X server due to an integer overflow in the X Pixmap (Xpm) format image file creation routines. This issue is described in the following document: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495 Contributing Factors This issue can occur in the following release: Linux Platform
Notes:
To determine the release of JDS for Linux installed on a system, the following command can be run: % cat /etc/sun-release Sun Java Desktop System, Release 2 -build 10b (GA) Assembled 30 March 2004 To determine the version of XFree86, the following command can be run: % rpm -qf /usr/X11R6/bin/XFree86 XFree86-server-4.3.0-137
Symptoms There are no predictable symptoms that would indicate the described issue has been exploited. Workaround There is no workaround to this issue. Please see the Resolution section below. Resolution This issue is addressed in the following release: Linux Platform
To download and install the updated RPMs from the update servers, select the following sequence from the "launch" menu: Launch >> Applications >> System Tools >> Online Update For more information on obtaining updates, please see: http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5 http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7 Attachments This solution has no attachment | |||||||||||||||
|
|