Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2007-6429

Disclosure Date: January 18, 2008
CVE-2007-6429
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • x.org

Products

  • evi,
  • mit-shm,
  • xserver

References

Canonical
CVE-2007-6429 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429)
BID-27336 (http://www.securityfocus.com/bid/27336)
BID-27350 (http://www.securityfocus.com/bid/27350)
BID-27353 (http://www.securityfocus.com/bid/27353)
Advisory
SECUNIA-28542 (http://secunia.com/advisories/28542)
SECUNIA-29139 (http://secunia.com/advisories/29139)
ADV-2008-0184 (http://www.vupen.com/english/advisories/2008/0184)
XF-xorg-mitshm-overflow(39764) (https://exchange.xforce.ibmcloud.com/vulnerabilities/39764)
SECUNIA-29622 (http://secunia.com/advisories/29622)
FEDORA-2008-0831 (https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html)
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
SECUNIA-28532 (http://secunia.com/advisories/28532)
SECUNIA-29707 (http://secunia.com/advisories/29707)
http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm
SECUNIA-28843 (http://secunia.com/advisories/28843)
DSA-1466 (http://www.debian.org/security/2008/dsa-1466)
SECUNIA-28540 (http://secunia.com/advisories/28540)
SSRT080083 (http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321)
20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (http://www.securityfocus.com/archive/1/487335/100/0/threaded)
ADV-2008-0703 (http://www.vupen.com/english/advisories/2008/0703)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:021
ADV-2008-0924 (http://www.vupen.com/english/advisories/2008/0924/references)
SECUNIA-28718 (http://secunia.com/advisories/28718)
SUNALERT-200153 (http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1)
http://www.redhat.com/support/errata/RHSA-2008-0029.html
SECUNIA-28584 (http://secunia.com/advisories/28584)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045
SECUNIA-28941 (http://secunia.com/advisories/28941)
SECUNIA-28592 (http://secunia.com/advisories/28592)
http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm
SECUNIA-29420 (http://secunia.com/advisories/29420)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:022
APPLE-SA-2008-03-18 (http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html)
XF-xorg-evi-bo(39763) (https://exchange.xforce.ibmcloud.com/vulnerabilities/39763)
SECUNIA-30161 (http://secunia.com/advisories/30161)
GLSA-200805-07 (http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml)
http://www.redhat.com/support/errata/RHSA-2008-0030.html
SECUNIA-28543 (http://secunia.com/advisories/28543)
SECUNIA-28273 (http://secunia.com/advisories/28273)
http://www.redhat.com/support/errata/RHSA-2008-0031.html
SECUNIA-28550 (http://secunia.com/advisories/28550)
ADV-2008-0497 (http://www.vupen.com/english/advisories/2008/0497/references)
http://bugs.gentoo.org/show_bug.cgi?id=204362
http://www.mandriva.com/security/advisories?name=MDVSA-2008:023
SECUNIA-28885 (http://secunia.com/advisories/28885)
SUNALERT-103200 (http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:025
USN-571-1 (https://usn.ubuntu.com/571-1)
GLSA-200804-05 (http://security.gentoo.org/glsa/glsa-200804-05.xml)
SECUNIA-28535 (http://secunia.com/advisories/28535)
ADV-2008-3000 (http://www.vupen.com/english/advisories/2008/3000)
http://docs.info.apple.com/article.html?artnum=307562
[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server (http://lists.freedesktop.org/archives/xorg/2008-January/031918.html)
http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities
SECUNIA-32545 (http://secunia.com/advisories/32545)
SECUNIA-28838 (http://secunia.com/advisories/28838)
SECTRACK-1019232 (http://securitytracker.com/id?1019232)
https://issues.rpath.com/browse/RPL-2010
SECUNIA-28539 (http://secunia.com/advisories/28539)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
SECUNIA-28616 (http://secunia.com/advisories/28616)
FEDORA-2008-0760 (https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html)
SECUNIA-28536 (http://secunia.com/advisories/28536)
SECUNIA-28693 (http://secunia.com/advisories/28693)
GLSA-200801-09 (http://security.gentoo.org/glsa/glsa-200801-09.xml)
ADV-2008-0179 (http://www.vupen.com/english/advisories/2008/0179)
Miscellaneous
20080117 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645)
[4.1] 20080208 012: SECURITY FIX: February 8, 2008 (http://www.openbsd.org/errata41.html#012_xorg)
[4.2] 20080208 006: SECURITY FIX: February 8, 2008 (http://www.openbsd.org/errata42.html#006_xorg)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis