PT-2007-7528 · X.Org+1 · Xorg-X11-Server+2

Published

1970-01-01

Updated

2017-09-29

CVE-2007-4730

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions X.org X11 server versions prior to 1.4 xorg-server versions prior to 1.3.0.0-r1

Description The issue is related to a buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server, which allows local users to execute arbitrary code. Multiple vulnerabilities in various xorg-x11 packages may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For X.org X11 server versions prior to 1.4, update to version 1.4 or later. For xorg-server versions prior to 1.3.0.0-r1, update to version 1.3.0.0-r1 or later. As a temporary workaround, consider restricting access to the vulnerable Composite extension until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2015-04622

BDU:2015-04623

BDU:2015-04624

BDU:2015-04625

BDU:2015-04626

BDU:2015-04627

BDU:2015-04978

BDU:2015-04979

BDU:2015-04980

BDU:2015-04981

BDU:2015-04982

BDU:2015-04983

BDU:2015-04984

BDU:2015-09601

CVE-2007-4730

DSA-1372-1

DTSA-73-1

RHSA-2007:0898

RHSA-2007_0898

Affected Products

Red Hat

Xorg-X11-Server

Xorg-Server

PT-2007-7528 · X.Org+1 · Xorg-X11-Server+2

CVE-2007-4730

Weakness Enumeration

Related Identifiers

Affected Products

References · 51