X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges.
Created attachment 806554 [details]
Red Hat would like to thank the X.Org security team for reporting this issue. Upstream acknowledges Pedro Ribeiro as the original reporter.
This is now public:
Created xorg-x11-server tracking bugs for this issue:
Affects: fedora-all [bug 1017013]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Via RHSA-2013:1426 https://rhn.redhat.com/errata/RHSA-2013-1426.html