Skip to Content
Products
Products By Category

Collaboration

Data Synchronizer

GroupWise

Open Workgroup Suite

Vibe

Endpoint Management

Endpoint Lifecycle Management Suite

Endpoint Protection Suite

Service Desk

Total Endpoint Management Suite

ZENworks Application Virtualization

ZENworks Asset Management

ZENworks Configuration Management

ZENworks Endpoint Security Management

ZENworks Full Disk Encryption

ZENworks Linux Management

ZENworks Mobile Management

ZENworks Patch Management

ZENworks Virtual Appliance

File & Networking Services

Business Continuity Clustering

Dynamic File Services

File Management Suite

File Reporter

Filr

Open Enterprise Server

Storage Manager
Looking for Linux? See our new home at SUSE.com

Looking for Identity, Security & Governance or IT Operations Management? See our new home at NetIQ.com
Services & Support
+ Novell Services Overview
Help Yourself

Knowledgebase

Discussion Forums

Documentation

Technical Subscriptions

Product Support Lifecycle

Cool Solutions

Let Us Help

Open Service Request

Entitlement & Access

Support Programs

Support from Partner
Download

Patches

Products

Drivers

Beta

IT Consulting

Why Consulting

Consulting Offerings

Delivery Excellence Reviews
Technical Training

Look Up & Locate Training

Certification and Testing

Advanced Technical Training

Custom On-site Training

Free Training

On-demand Training

Online Training

Technical Skills Assessments

Training Partners
Customer Center

My Profile

My Products

My Support

My Training

Contribute

Participate in Beta

Report Bug

Report Software Vulnerability

Share a Tip, Trick, etc.
Partners
+ Novell Partners Overview
Partner With Novell

Solution Provider & System Integrator

Independent Software Vendor

Academic Training Partner

Commercial Training Partner

PartnerNet

PartnerNet Login

Enablement Central
Find a Partner

Partner Locator

SUSE Linux Enterprise ISV Catalog

Certified Partner Products

Developers

YES Certified Program

Developer Community
Communities
+ Novell Communities Overview
User Communities

Social Networks

Novell Blogs & Podcasts
About Novell
+ About Novell
Contact Us

Our Customers

Executive Management

Job Search

Events

Media Gallery

Industry Analysts

Press Releases

Subscribe
How to Buy
+ How to Buy Overview
Request a Call

Find a Partner

Shop for Training

Volume Licensing & Buying Programs

Novell Merchandise

CVE-2007-6428

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2007-6428 at MITRE

Description

The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entry: 345128

SUSE Security Advisories:

SUSE-SA:2008:003, published Thu, 17 Jan 2008 15:00:00 +0000
SUSE-SR:2008:003, published Thu, 07 Feb 2008 18:00:00 +0000
SUSE-SR:2008:008, published Fri, 04 Apr 2008 16:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE LINUX 10.1	`NX >= 1.5.0-41.5`
Novell Linux Desktop 9 for x86_64	`XFree86-libs >= 4.3.99.902-43.94` `XFree86-libs-32bit >= 9-200801062003` `XFree86-server >= 4.3.99.902-43.94`	sles9-oes.x86 YOU Patch Nr: 12040
Novell Linux Desktop 9 for x86 Open Enterprise Server	`XFree86-libs >= 4.3.99.902-43.94` `XFree86-server >= 4.3.99.902-43.94`	sles9-oes.x86 YOU Patch Nr: 12040
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server	`XFree86-Xnest >= 4.3.99.902-43.94` `XFree86-Xvfb >= 4.3.99.902-43.94`	core9.s390 sles9-oes.x86 YOU Patch Nr: 12043
SUSE LINUX 10.1	`xorg-x11-Xnest >= 6.9.0-50.54.5` `xorg-x11-Xvfb >= 6.9.0-50.54.5` `xorg-x11-devel >= 6.9.0-50.54.5` `xorg-x11-devel-32bit >= 6.9.0-50.54.5` `xorg-x11-devel-64bit >= 6.9.0-50.54.5` `xorg-x11-libs >= 6.9.0-50.54.5` `xorg-x11-libs-32bit >= 6.9.0-50.54.5` `xorg-x11-libs-64bit >= 6.9.0-50.54.5` `xorg-x11-server >= 6.9.0-50.54.5`
SUSE LINUX 10.1	`xgl >= cvs_060522-0.37.5`

© 2013 Novell