AIX 7.1 TL 3 : X11.base.rte (U860289)

high Nessus Plugin ID 74274

Synopsis

The remote AIX host is missing a vendor-supplied security patch.

Description

The remote host is missing AIX PTF U860289, which is related to the security of the package X11.base.rte.

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Solution

Install the appropriate missing security-related fix.

See Also

http://www-01.ibm.com/support/docview.wss?uid=isg1IV53246

Plugin Details

Severity: High

ID: 74274

File Name: aix_U860289.nasl

Version: 1.2

Type: local

Published: 6/3/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.1

Required KB Items: Host/local_checks_enabled, Host/AIX/oslevel, Host/AIX/version, Host/AIX/lslpp

Patch Publication Date: 12/11/2013

Vulnerability Publication Date: 12/11/2013