CVE-2007-6428

Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 1.4.1 x-window-system (affected versions not specified) xfonts-75dpi-transcoded (affected versions not specified) libxfont1-dbg (affected versions not specified) libxaw6-dev (affected versions not specified) xlibs (affected versions not specified) libxaw6-dbg (affected versions not specified) libxrandr2-dbg (affected versions not specified) xdmx-tools (affected versions not specified) xutils (affected versions not specified) xlibmesa-dev (affected versions not specified) xlibmesa3-dbg (affected versions not specified) libdps-dev (affected versions not specified) xlibmesa3 (affected versions not specified) libxext6-dbg (affected versions not specified) libxft1 (affected versions not specified) xlibs-dbg (affected versions not specified) libx11-6 (affected versions not specified) libxi6 (affected versions not specified) xvfb (affected versions not specified) libxaw7-dbg (affected versions not specified) xlibmesa-glu-dev (affected versions not specified) libxext-dev (affected versions not specified) libx11-dev (affected versions not specified) libxp6 (affected versions not specified) libxrandr2 (affected versions not specified) libxtrap-dev (affected versions not specified) xfonts-100dpi (affected versions not specified) libxpm-dev (affected versions not specified) libxt-dev (affected versions not specified) libxfont-dev (affected versions not specified) libxtst-dev (affected versions not specified) xlibmesa-dri (affected versions not specified) libxmu6 (affected versions not specified) xfonts-base-transcoded (affected versions not specified) proxymngr (affected versions not specified) libxt6 (affected versions not specified) libxv-dev (affected versions not specified) libxaw7-dev (affected versions not specified) libsm6 (affected versions not specified) libxtst6-dbg (affected versions not specified) libxp6-dbg (affected versions not specified) xlibmesa-gl-dev (affected versions not specified) libxi-dev (affected versions not specified) xlibmesa-gl-dbg (affected versions not specified) libxmuu1 (affected versions not specified) xspecs (affected versions not specified) libxmuu-dev (affected versions not specified) libxtrap6 (affected versions not specified) x-window-system-dev (affected versions not specified) libsm6-dbg (affected versions not specified) libxtrap6-dbg (affected versions not specified) xfs (affected versions not specified) libxi6-dbg (affected versions not specified) xlibmesa-dri-dbg (affected versions not specified) libxv1-dbg (affected versions not specified) libxmu6-dbg (affected versions not specified) libxmu-dev (affected versions not specified) xfonts-base (affected versions not specified) libxpm4 (affected versions not specified) libx11-6-dbg (affected versions not specified) libxaw7 (affected versions not specified) xdmx (affected versions not specified) xlibs-dev (affected versions not specified) xlibs-data (affected versions not specified) x-window-system-core (affected versions not specified) lbxproxy (affected versions not specified) libxaw6 (affected versions not specified) libxext6 (affected versions not specified) libxt6-dbg (affected versions not specified) libxft1-dbg (affected versions not specified)

Description The issue is related to multiple vulnerabilities in various packages of the Debian GNU/Linux operating system. These vulnerabilities can be exploited remotely and may lead to a breach of confidentiality, integrity, and availability of protected information. The vulnerabilities exist in various components, including xorg-server, x-window-system, and multiple libraries. The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver is also affected, allowing context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.