Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2007-4990

Disclosure Date: October 05, 2007 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

x.org

Products

x font server

References

Canonical

CVE-2007-4990 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4990)

BID-25898 (http://www.securityfocus.com/bid/25898)

Advisory

http://www.novell.com/linux/security/advisories/2007_54_xorg.html

SECTRACK-1018763 (http://www.securitytracker.com/id?1018763)

SECUNIA-28542 (http://secunia.com/advisories/28542)

SUNALERT-200642 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1)

FEDORA-2007-4263 (https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html)

20071003 rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (http://www.securityfocus.com/archive/1/481432/100/0/threaded)

http://bugs.freedesktop.org/show_bug.cgi?id=12299

SECUNIA-28514 (http://secunia.com/advisories/28514)

SECUNIA-27052 (http://secunia.com/advisories/27052)

SECUNIA-27060 (http://secunia.com/advisories/27060)

ADV-2008-0924 (http://www.vupen.com/english/advisories/2008/0924/references)

HPSBUX02303 (http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725)

[xorg-announce] 20071002 [ANNOUNCE] X.Org security advisory: multiple vulnerabilities in X font server (http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html)

http://www.redhat.com/support/errata/RHSA-2008-0029.html

SECUNIA-28004 (http://secunia.com/advisories/28004)

SECUNIA-27240 (http://secunia.com/advisories/27240)

https://issues.rpath.com/browse/RPL-1756

SECUNIA-29420 (http://secunia.com/advisories/29420)

SECUNIA-27040 (http://secunia.com/advisories/27040)

APPLE-SA-2008-03-18 (http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html)

SECUNIA-27176 (http://secunia.com/advisories/27176)

GLSA-200710-11 (http://security.gentoo.org/glsa/glsa-200710-11.xml)

SECUNIA-27228 (http://secunia.com/advisories/27228)

ADV-2007-3467 (http://www.vupen.com/english/advisories/2007/3467)

http://www.redhat.com/support/errata/RHSA-2008-0030.html

SUNALERT-103114 (http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1)

ADV-2008-0149 (http://www.vupen.com/english/advisories/2008/0149)

http://www.mandriva.com/security/advisories?name=MDKSA-2007:210

http://bugs.gentoo.org/show_bug.cgi?id=194606

ADV-2007-3338 (http://www.vupen.com/english/advisories/2007/3338)

SECUNIA-27560 (http://secunia.com/advisories/27560)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599

http://docs.info.apple.com/article.html?artnum=307562

ADV-2007-3337 (http://www.vupen.com/english/advisories/2007/3337)

XF-xfs-queryxbitmaps-queryxextents-bo(36920) (https://exchange.xforce.ibmcloud.com/vulnerabilities/36920)

SECUNIA-28536 (http://secunia.com/advisories/28536)

Miscellaneous

20071002 Multiple Vendor X Font Server Multiple Vulnerabilities (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602)

Rapid7

Technical Analysis