CVE-2007-6428 – xfree86: information disclosure via TOG-CUP extension

https://notcve.org/view.php?id=CVE-2007-6428

The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. La función ProcGetReservedColormapEntries de la extensión TOG-CUP de X.Org Xserver versiones anteriores a 1.4.1 permite a atacantes locales o remotos dependientes del contexto leer el contenido de ubicaciones de memoria de su elección mediante peticiones conteniendo un valor de 32 bits que se utiliza inapropiadamente como un índice de array. • http://bugs.gentoo.org/show_bug.cgi?id=204362 http://docs.info.apple.com/article.html?artnum=307562 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=644 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.freedesktop.org/archives/xorg/2008-January/031918.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://lists.opensuse.org/opensuse& •