CVE-2006-6101
xfree86
EPSS 0.04%
Description
Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.
How to fix CVE-2006-6101
To remediate CVE-2006-6101, upgrade the affected package to a fixed version below.
- Debian/xfree86—upgrade to 4.3.0.dfsg.1-14sarge3 or later
- Debian/xorg-server—upgrade to 2:1.1.1-15 or later
Is CVE-2006-6101 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 4.3.0.dfsg.1-14sarge3
- from 0, < 2:1.1.1-15