CentOS Errata and Security Advisory CESA-2007:0157
X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
An integer overflow flaw was found in the X.org XGetPixel() function. Improper use of this function could cause an application calling it to function improperly, possibly leading to a crash or arbitrary code execution. (CVE-2007-1667)
Users of the X.org X11 server should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-April/025730.html http://lists.centos.org/pipermail/centos-announce/2007-April/025731.html
Affected packages: libX11 libX11-devel xorg-x11-apps
Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0157.html