CVE-2007-6429 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2007-6429

CVE-2007-6429

January 18, 2008

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

Related Resources (70)

http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html

http://secunia.com/advisories/28532

http://www.mandriva.com/security/advisories?name=MDVSA-2008:025

http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045

http://www.debian.org/security/2008/dsa-1466

http://secunia.com/advisories/28539

http://secunia.com/advisories/28941

http://security.gentoo.org/glsa/glsa-200804-05.xml

http://www.openbsd.org/errata41.html#012_xorg

http://www.vupen.com/english/advisories/2008/3000

http://lists.freedesktop.org/archives/xorg/2008-January/031918.html

http://secunia.com/advisories/32545

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html

http://secunia.com/advisories/28592

http://docs.info.apple.com/article.html?artnum=307562

http://secunia.com/advisories/28543

http://www.redhat.com/support/errata/RHSA-2008-0030.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:022

http://secunia.com/advisories/28885

http://www.securityfocus.com/bid/27336

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

http://www.redhat.com/support/errata/RHSA-2008-0031.html

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321

http://secunia.com/advisories/28718

http://secunia.com/advisories/29707

http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities

http://www.securityfocus.com/bid/27350

http://secunia.com/advisories/28838

http://secunia.com/advisories/29420

http://www.mandriva.com/security/advisories?name=MDVSA-2008:021

https://issues.rpath.com/browse/RPL-2010

http://secunia.com/advisories/28550

http://www.redhat.com/support/errata/RHSA-2008-0029.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:023

http://secunia.com/advisories/28616

http://www.securityfocus.com/archive/1/487335/100/0/threaded

https://usn.ubuntu.com/571-1/

http://www.vupen.com/english/advisories/2008/0184

http://secunia.com/advisories/29622

http://secunia.com/advisories/29139

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1

http://securitytracker.com/id?1019232

http://www.vupen.com/english/advisories/2008/0924/references

http://secunia.com/advisories/28693

http://secunia.com/advisories/28584

http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1

http://www.securityfocus.com/bid/27353

http://bugs.gentoo.org/show_bug.cgi?id=204362

http://security.gentoo.org/glsa/glsa-200801-09.xml

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://secunia.com/advisories/28273

https://access.redhat.com/security/cve/CVE-2007-6429

http://secunia.com/advisories/28535

http://secunia.com/advisories/28843

http://secunia.com/advisories/28542

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645

http://secunia.com/advisories/28540

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html

http://www.vupen.com/english/advisories/2008/0179

http://www.openbsd.org/errata42.html#006_xorg

http://www.vupen.com/english/advisories/2008/0703

http://www.vupen.com/english/advisories/2008/0497/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/39763

http://secunia.com/advisories/30161

http://secunia.com/advisories/28536

https://exchange.xforce.ibmcloud.com/vulnerabilities/39764

http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm

Do you need more information?

CVSS v4

Base Score:

9.2

Attack Vector

NETWORK

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

HIGH

Vulnerable System Integrity

HIGH

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

CVSS v2

Base Score:

9.3

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

EPSS

Base Score:

2.27