PT-2007-7528 · X.Org+1 · Xorg-X11-Server+2

Publicado

1970-01-01

Atualizado

2017-09-29

CVE-2007-4730

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions X.org X11 server versions prior to 1.4 xorg-server versions prior to 1.3.0.0-r1

Description The issue is related to a buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server, which allows local users to execute arbitrary code. Multiple vulnerabilities in various xorg-x11 packages may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For X.org X11 server versions prior to 1.4, update to version 1.4 or later. For xorg-server versions prior to 1.3.0.0-r1, update to version 1.3.0.0-r1 or later. As a temporary workaround, consider restricting access to the vulnerable Composite extension until a patch is available.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2015-04622

BDU:2015-04623

BDU:2015-04624

BDU:2015-04625

BDU:2015-04626

BDU:2015-04627

BDU:2015-04978

BDU:2015-04979

BDU:2015-04980

BDU:2015-04981

BDU:2015-04982

BDU:2015-04983

BDU:2015-04984

BDU:2015-09601

CVE-2007-4730

DSA-1372-1

DTSA-73-1

RHSA-2007:0898

RHSA-2007_0898

Produtos afetados

Red Hat

Xorg-X11-Server

Xorg-Server

PT-2007-7528 · X.Org+1 · Xorg-X11-Server+2

CVE-2007-4730

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51