Mandrake Linux Security Advisory : nvidia (MDKSA-2007:007)
High Nessus Plugin ID 24623
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability in the NVIDIA Xorg driver was discovered by Derek Abdine who found that it did not correctly verify the size of buffers used to render text glyphs, resulting in a crash of the server when displaying very long strings of text. If a user was tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges.
This vulnerability exists in driver versions 1.0-8762 and 1.0-8774 and is corrected in 1.0-8776 which is being provided with this update.
The packages can be found in the non-free/updates media.
SolutionUpdate the affected packages.