CVE-2008-2361 – X.org Render extension ProcRenderCreateCursor() crash

https://notcve.org/view.php?id=CVE-2008-2361

11 Jun 2008 — Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory. Desbordamiento de entero en la función ProcRenderCreateCursor de la extensión Render del X server 1.4 en X.Org X11R7.3; permite a atacantes dependientes del contexto provocar una denegació... • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2361.diff • CWE-189: Numeric Errors •