Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5760

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5760
Last Modified 07 Mar 2011 10:01:15
Published 18 Jan 2008 06:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5760

Summary

Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.

Vulnerable Systems

Application

  • X.org Xserver 1.4

  • Xfree86 Project Xfree86-misc


References

BID - 27336

SUNALERT - 103200

MLIST - [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server

VUPEN - ADV-2008-0497

VUPEN - ADV-2008-0184

VUPEN - ADV-2008-0179

IDEFENSE - 20080117 Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability

FEDORA - FEDORA-2008-0831

FEDORA - FEDORA-2008-0760

CONFIRM - https://issues.rpath.com/browse/RPL-2010

XF - xorg-xfree86misc-code-execution(39766)

UBUNTU - USN-571-1

BID - 27354

BUGTRAQ - 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs

REDHAT - RHSA-2008:0031

REDHAT - RHSA-2008:0030

OPENBSD - [4.2] 20080208 006: SECURITY FIX: February 8, 2008

OPENBSD - [4.1] 20080208 012: SECURITY FIX: February 8, 2008

MANDRIVA - MDVSA-2008:025

MANDRIVA - MDVSA-2008:023

MANDRIVA - MDVSA-2008:022

GENTOO - GLSA-200805-07

DEBIAN - DSA-1466

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm

SUNALERT - 200153

SECTRACK - 1019232

GENTOO - GLSA-200804-05

GENTOO - GLSA-200801-09

SECUNIA - 30161

SECUNIA - 29707

SECUNIA - 28941

SECUNIA - 28885

SECUNIA - 28843

SECUNIA - 28718

SECUNIA - 28693

SECUNIA - 28616

SECUNIA - 28592

SECUNIA - 28584

SECUNIA - 28550

SECUNIA - 28543

SECUNIA - 28540

SECUNIA - 28539

SECUNIA - 28536

SECUNIA - 28535

SECUNIA - 28532

SECUNIA - 28273

SUSE - SUSE-SA:2008:003

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=204362

Related Patches

Novell SUSE 2008:4860 xorg-x11-libs security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:46:16