Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6427

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-6427
Last Modified 07 Mar 2011 10:02:42
Published 18 Jan 2008 06:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6427

Summary

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

Vulnerable Systems

Application

  • X.org Xinput

  • X.org Xserver 1.4


References

BID - 27336

SUNALERT - 103200

MLIST - [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server

VUPEN - ADV-2008-3000

VUPEN - ADV-2008-0924

VUPEN - ADV-2008-0703

VUPEN - ADV-2008-0497

VUPEN - ADV-2008-0184

VUPEN - ADV-2008-0179

SECUNIA - 32545

IDEFENSE - 20080117 Multiple Vendor X Server XInput Extension Multiple Memory Corruption Vulnerabilities

HP - SSRT080083

FEDORA - FEDORA-2008-0831

FEDORA - FEDORA-2008-0760

CONFIRM - https://issues.rpath.com/browse/RPL-2010

XF - xorg-xinput-code-execution(39759)

CONFIRM - http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities

UBUNTU - USN-571-1

BID - 27351

BUGTRAQ - 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs

REDHAT - RHSA-2008:0031

REDHAT - RHSA-2008:0030

REDHAT - RHSA-2008:0029

OPENBSD - [4.2] 20080208 006: SECURITY FIX: February 8, 2008

OPENBSD - [4.1] 20080208 012: SECURITY FIX: February 8, 2008

MANDRIVA - MDVSA-2008:025

MANDRIVA - MDVSA-2008:023

MANDRIVA - MDVSA-2008:022

MANDRIVA - MDVSA-2008:021

GENTOO - GLSA-200805-07

DEBIAN - DSA-1466

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm

SUNALERT - 200153

SECTRACK - 1019232

GENTOO - GLSA-200804-05

GENTOO - GLSA-200801-09

SECUNIA - 30161

SECUNIA - 29707

SECUNIA - 29622

SECUNIA - 29420

SECUNIA - 29139

SECUNIA - 28941

SECUNIA - 28885

SECUNIA - 28843

SECUNIA - 28838

SECUNIA - 28718

SECUNIA - 28693

SECUNIA - 28616

SECUNIA - 28592

SECUNIA - 28584

SECUNIA - 28550

SECUNIA - 28543

SECUNIA - 28542

SECUNIA - 28540

SECUNIA - 28539

SECUNIA - 28536

SECUNIA - 28535

SECUNIA - 28532

SECUNIA - 28273

SUSE - SUSE-SR:2008:008

SUSE - SUSE-SR:2008:003

SUSE - SUSE-SA:2008:003

APPLE - APPLE-SA-2008-03-18

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=204362

HP - HPSBUX02381

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Server (Tiger PPC)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Tiger PPC)

Apple 2008-03-18 Security Update 2008-002 v1.0 Server (Tiger Universal)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Tiger Universal)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)

Novell SUSE 2008:4860 xorg-x11-libs security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:47:27