AIX 6.1 TL 9 : X11.base.rte (U860216)

High Nessus Plugin ID 74273

Synopsis

The remote AIX host is missing a vendor-supplied security patch.

Description

The remote host is missing AIX PTF U860216, which is related to the security of the package X11.base.rte.

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Solution

Install the appropriate missing security-related fix.

See Also

http://www-01.ibm.com/support/docview.wss?uid=isg1IV52978

Plugin Details

Severity: High

ID: 74273

File Name: aix_U860216.nasl

Version: $Revision: 1.1 $

Type: local

Published: 2014/06/03

Modified: 2014/06/03

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: cpe:/o:ibm:aix:6.1

Required KB Items: Host/local_checks_enabled, Host/AIX/oslevel, Host/AIX/version, Host/AIX/lslpp

Patch Publication Date: 2013/12/09

Vulnerability Publication Date: 2013/12/09