Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2007-6429

Disclosure Date: January 18, 2008 •

Description

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

x.org

Products

References

Canonical

CVE-2007-6429 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429)

BID-27336 (http://www.securityfocus.com/bid/27336)

BID-27350 (http://www.securityfocus.com/bid/27350)

BID-27353 (http://www.securityfocus.com/bid/27353)

Advisory

SECUNIA-28542 (http://secunia.com/advisories/28542)

SECUNIA-29139 (http://secunia.com/advisories/29139)

ADV-2008-0184 (http://www.vupen.com/english/advisories/2008/0184)

XF-xorg-mitshm-overflow(39764) (https://exchange.xforce.ibmcloud.com/vulnerabilities/39764)

SECUNIA-29622 (http://secunia.com/advisories/29622)

FEDORA-2008-0831 (https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html)

http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html

SECUNIA-28532 (http://secunia.com/advisories/28532)

SECUNIA-29707 (http://secunia.com/advisories/29707)

http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm

SECUNIA-28843 (http://secunia.com/advisories/28843)

DSA-1466 (http://www.debian.org/security/2008/dsa-1466)

SECUNIA-28540 (http://secunia.com/advisories/28540)

SSRT080083 (http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321)

20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (http://www.securityfocus.com/archive/1/487335/100/0/threaded)

ADV-2008-0703 (http://www.vupen.com/english/advisories/2008/0703)

http://www.mandriva.com/security/advisories?name=MDVSA-2008:021

ADV-2008-0924 (http://www.vupen.com/english/advisories/2008/0924/references)

SECUNIA-28718 (http://secunia.com/advisories/28718)

SUNALERT-200153 (http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1)

http://www.redhat.com/support/errata/RHSA-2008-0029.html

SECUNIA-28584 (http://secunia.com/advisories/28584)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045

SECUNIA-28941 (http://secunia.com/advisories/28941)

SECUNIA-28592 (http://secunia.com/advisories/28592)

http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm

SECUNIA-29420 (http://secunia.com/advisories/29420)

http://www.mandriva.com/security/advisories?name=MDVSA-2008:022

APPLE-SA-2008-03-18 (http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html)

XF-xorg-evi-bo(39763) (https://exchange.xforce.ibmcloud.com/vulnerabilities/39763)

SECUNIA-30161 (http://secunia.com/advisories/30161)

GLSA-200805-07 (http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml)

http://www.redhat.com/support/errata/RHSA-2008-0030.html

SECUNIA-28543 (http://secunia.com/advisories/28543)

SECUNIA-28273 (http://secunia.com/advisories/28273)

http://www.redhat.com/support/errata/RHSA-2008-0031.html

SECUNIA-28550 (http://secunia.com/advisories/28550)

ADV-2008-0497 (http://www.vupen.com/english/advisories/2008/0497/references)

http://bugs.gentoo.org/show_bug.cgi?id=204362

http://www.mandriva.com/security/advisories?name=MDVSA-2008:023

SECUNIA-28885 (http://secunia.com/advisories/28885)

SUNALERT-103200 (http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1)

http://www.mandriva.com/security/advisories?name=MDVSA-2008:025

USN-571-1 (https://usn.ubuntu.com/571-1)

GLSA-200804-05 (http://security.gentoo.org/glsa/glsa-200804-05.xml)

SECUNIA-28535 (http://secunia.com/advisories/28535)

ADV-2008-3000 (http://www.vupen.com/english/advisories/2008/3000)

http://docs.info.apple.com/article.html?artnum=307562

[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server (http://lists.freedesktop.org/archives/xorg/2008-January/031918.html)

http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities

SECUNIA-32545 (http://secunia.com/advisories/32545)

SECUNIA-28838 (http://secunia.com/advisories/28838)

SECTRACK-1019232 (http://securitytracker.com/id?1019232)

https://issues.rpath.com/browse/RPL-2010

SECUNIA-28539 (http://secunia.com/advisories/28539)

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html

SECUNIA-28616 (http://secunia.com/advisories/28616)

FEDORA-2008-0760 (https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html)

SECUNIA-28536 (http://secunia.com/advisories/28536)

SECUNIA-28693 (http://secunia.com/advisories/28693)

GLSA-200801-09 (http://security.gentoo.org/glsa/glsa-200801-09.xml)

ADV-2008-0179 (http://www.vupen.com/english/advisories/2008/0179)

Miscellaneous

20080117 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645)

[4.1] 20080208 012: SECURITY FIX: February 8, 2008 (http://www.openbsd.org/errata41.html#012_xorg)

[4.2] 20080208 006: SECURITY FIX: February 8, 2008 (http://www.openbsd.org/errata42.html#006_xorg)

Rapid7

Technical Analysis