Lucene search

[email protected]CVE-2007-4990

HistoryOct 05, 2007 - 9:17 p.m.

CVE-2007-4990

2007-10-0521:17:00

CWE-189

[email protected]

web.nvd.nist.gov

x.org

x font server

arbitrary code execution

protocol requests

heap corruption

cve-2007-4990

nvd

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

CPENameOperatorVersion
x.org:x_font_serverx.org x font serverle1.0.4

CPE	Name	Operator	Version
x.org:x_font_server	x.org x font server	le	1.0.4

References

bugs.freedesktop.org/show_bug.cgi?id=12299

bugs.gentoo.org/show_bug.cgi?id=194606

docs.info.apple.com/article.html?artnum=307562

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725

labs.idefense.com/intelligence/vulnerabilities/display.php?id=602

lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html

secunia.com/advisories/27040

secunia.com/advisories/27052

secunia.com/advisories/27060

secunia.com/advisories/27176

secunia.com/advisories/27228

secunia.com/advisories/27240

secunia.com/advisories/27560

secunia.com/advisories/28004

secunia.com/advisories/28514

secunia.com/advisories/28536

secunia.com/advisories/28542

secunia.com/advisories/29420

security.gentoo.org/glsa/glsa-200710-11.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1

www.mandriva.com/security/advisories?name=MDKSA-2007:210

www.novell.com/linux/security/advisories/2007_54_xorg.html

www.redhat.com/support/errata/RHSA-2008-0029.html

www.redhat.com/support/errata/RHSA-2008-0030.html

www.securityfocus.com/archive/1/481432/100/0/threaded

www.securityfocus.com/bid/25898

www.securitytracker.com/id?1018763

www.vupen.com/english/advisories/2007/3337

www.vupen.com/english/advisories/2007/3338

www.vupen.com/english/advisories/2007/3467

www.vupen.com/english/advisories/2008/0149

www.vupen.com/english/advisories/2008/0924/references

exchange.xforce.ibmcloud.com/vulnerabilities/36920

issues.rpath.com/browse/RPL-1756

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599

www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON

Related for CVE-2007-4990

nessus16 openvas24 prion2 ubuntucve2 canvas1 cve1 osv1 debiancve1 fedora1 securityvulns1 gentoo1 suse1 centos3 redhat2 oraclelinux1