Search...

xorg-server -- buffer overflow

2007-09-09T00:00:00

ID DSA-1372
Type debian
Reporter Debian
Modified 2007-09-09T00:00:00

Description

Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation.

The oldstable distribution (sarge) is not affected by this problem.

For the stable distribution (etch) this problem has been fixed in version 1.1.1-21etch1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your xorg-server packages.

JSON Vulners Source

Initial Source

{"bulletinFamily": "unix", "reporter": "Debian", "history": [], "modified": "2007-09-09T00:00:00", "enchantments": {"vulnersScore": 7.2}, "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_sparc.deb", "packageName": "xnest", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_mips.deb", "packageName": "xserver-xorg-dev", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_i386.deb", "packageName": "xvfb", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_mipsel.deb", "packageName": "xdmx-tools", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_arm.deb", "packageName": "xdmx-tools", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_i386.deb", "packageName": "xnest", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_sparc.deb", "packageName": "xvfb", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_powerpc.deb", "packageName": "xdmx-tools", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_mipsel.deb", "packageName": "xnest", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_ia64.deb", "packageName": "xvfb", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_arm.deb", "packageName": "xserver-xephyr", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_alpha.deb", "packageName": "xdmx", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_hppa.deb", "packageName": "xserver-xephyr", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_amd64.deb", "packageName": "xnest", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_powerpc.deb", "packageName": "xnest", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_mips.deb", "packageName": "xserver-xorg-core", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_ia64.deb", "packageName": "xserver-xorg-dev", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_hppa.deb", "packageName": "xserver-xorg-dev", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_sparc.deb", "packageName": "xserver-xorg-core", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_mips.deb", "packageName": "xnest", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_arm.deb", "packageName": "xdmx", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_i386.deb", "packageName": "xserver-xorg-dev", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_arm.deb", "packageName": "xnest", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_alpha.deb", "packageName": "xdmx-tools", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_hppa.deb", "packageName": "xvfb", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_sparc.deb", "packageName": "xserver-xephyr", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_alpha.deb", "packageName": "xserver-xephyr", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_sparc.deb", "packageName": "xserver-xorg-dev", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_amd64.deb", "packageName": "xvfb", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_mips.deb", "packageName": "xdmx-tools", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_mips.deb", "packageName": "xdmx", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_hppa.deb", "packageName": "xnest", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_sparc.deb", "packageName": "xdmx-tools", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_hppa.deb", "packageName": "xserver-xorg-core", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_ia64.deb", "packageName": "xnest", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_i386.deb", "packageName": "xserver-xorg-core", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_powerpc.deb", "packageName": "xvfb", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_mips.deb", "packageName": "xvfb", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_powerpc.deb", "packageName": "xserver-xephyr", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xorg-server_1.1.1-21etch1.dsc", "packageName": "xorg-server", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1.orig", "packageFilename": "xorg-server_1.1.1.orig.tar.gz", "packageName": "xorg-server", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_i386.deb", "packageName": "xserver-xephyr", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_ia64.deb", "packageName": "xserver-xephyr", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_arm.deb", "packageName": "xvfb", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_alpha.deb", "packageName": "xvfb", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_ia64.deb", "packageName": "xdmx", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_amd64.deb", "packageName": "xdmx", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_alpha.deb", "packageName": "xnest", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_i386.deb", "packageName": "xdmx", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_s390.deb", "packageName": "xserver-xephyr", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_alpha.deb", "packageName": "xserver-xorg-core", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_s390.deb", "packageName": "xdmx", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_mipsel.deb", "packageName": "xvfb", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_amd64.deb", "packageName": "xserver-xorg-dev", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_ia64.deb", "packageName": "xdmx-tools", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xnest_1.1.1-21etch1_s390.deb", "packageName": "xnest", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_i386.deb", "packageName": "xdmx-tools", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xvfb_1.1.1-21etch1_s390.deb", "packageName": "xvfb", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_amd64.deb", "packageName": "xdmx-tools", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_amd64.deb", "packageName": "xserver-xephyr", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_hppa.deb", "packageName": "xdmx", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_sparc.deb", "packageName": "xdmx", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_amd64.deb", "packageName": "xserver-xorg-core", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_s390.deb", "packageName": "xserver-xorg-dev", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_powerpc.deb", "packageName": "xserver-xorg-dev", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_s390.deb", "packageName": "xdmx-tools", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_ia64.deb", "packageName": "xserver-xorg-core", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_arm.deb", "packageName": "xserver-xorg-core", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_mipsel.deb", "packageName": "xserver-xorg-dev", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_mipsel.deb", "packageName": "xdmx", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1.diff", "packageFilename": "xorg-server_1.1.1-21etch1.diff.gz", "packageName": "xorg-server", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_powerpc.deb", "packageName": "xserver-xorg-core", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx-tools_1.1.1-21etch1_hppa.deb", "packageName": "xdmx-tools", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xdmx_1.1.1-21etch1_powerpc.deb", "packageName": "xdmx", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_mipsel.deb", "packageName": "xserver-xephyr", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_arm.deb", "packageName": "xserver-xorg-dev", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_s390.deb", "packageName": "xserver-xorg-core", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-dev_1.1.1-21etch1_alpha.deb", "packageName": "xserver-xorg-dev", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xephyr_1.1.1-21etch1_mips.deb", "packageName": "xserver-xephyr", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.1-21etch1", "packageFilename": "xserver-xorg-core_1.1.1-21etch1_mipsel.deb", "packageName": "xserver-xorg-core", "arch": "mipsel", "operator": "lt"}], "cvelist": ["CVE-2007-4730"], "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "title": "xorg-server -- buffer overflow", "objectVersion": "1.2", "edition": 1, "description": "Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation.\n\nThe oldstable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in version 1.1.1-21etch1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your xorg-server packages.", "type": "debian", "references": [], "hash": "e6dbfe293e52d4311210f32ac86a42e73e8dc22bf81119c6e8e7abe2661b1be2", "viewCount": 0, "href": "http://www.debian.org/security/dsa-1372", "published": "2007-09-09T00:00:00", "lastseen": "2016-09-02T18:31:40", "id": "DSA-1372"}

{"result": {"cve": [{"id": "CVE-2007-4730", "type": "cve", "title": "CVE-2007-4730", "description": "Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.", "published": "2007-09-11T15:17:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4730", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-12T21:07:15"}], "ubuntu": [{"id": "USN-514-1", "type": "ubuntu", "title": "X.org vulnerability", "description": "Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges.", "published": "2007-09-18T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/514-1/", "cvelist": ["CVE-2007-4730"], "lastseen": "2018-03-29T18:19:57"}], "openvas": [{"id": "OPENVAS:830332", "type": "openvas", "title": "Mandriva Update for x11-server MDKSA-2007:178 (x11-server)", "description": "Check for the Version of x11-server", "published": "2009-04-09T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=830332", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-07-24T12:56:10"}, {"id": "OPENVAS:58677", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200710-16 (X.Org)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200710-16.", "published": "2008-09-24T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=58677", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-07-24T12:49:44"}, {"id": "OPENVAS:1361412562310830332", "type": "openvas", "title": "Mandriva Update for x11-server MDKSA-2007:178 (x11-server)", "description": "Check for the Version of x11-server", "published": "2009-04-09T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830332", "cvelist": ["CVE-2007-4730"], "lastseen": "2018-04-09T11:38:55"}, {"id": "OPENVAS:840036", "type": "openvas", "title": "Ubuntu Update for xorg-server vulnerability USN-514-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-514-1", "published": "2009-03-23T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840036", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-12-04T11:29:24"}, {"id": "OPENVAS:850077", "type": "openvas", "title": "SuSE Update for XOrg SUSE-SA:2007:054", "description": "Check for the Version of XOrg", "published": "2009-01-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=850077", "cvelist": ["CVE-2007-4730", "CVE-2007-4990", "CVE-2007-4989", "CVE-2007-4568"], "lastseen": "2017-12-12T11:20:47"}, {"id": "OPENVAS:61041", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200805-07 (ltsp)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200805-07.", "published": "2008-09-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=61041", "cvelist": ["CVE-2006-3738", "CVE-2007-4995", "CVE-2007-5958", "CVE-2007-1667", "CVE-2007-4730", "CVE-2007-3108", "CVE-2007-1351", "CVE-2007-6429", "CVE-2007-2754", "CVE-2008-0006", "CVE-2007-5269", "CVE-2007-6428", "CVE-2007-5135", "CVE-2007-5268", "CVE-2007-5760", "CVE-2007-5266", "CVE-2007-2445", "CVE-2007-6427"], "lastseen": "2017-07-24T12:50:18"}], "oraclelinux": [{"id": "ELSA-2007-0898", "type": "oraclelinux", "title": "Moderate: xorg-x11 security update ", "description": " [6.8.2-1.EL.31.0.1]\n - Add Enterprise Linux detection\n \n [6.8.2-1.EL.31]\n - Rebuild due to missing patch\n \n [6.8.2-1.EL.30]\n - Add patch9832 -p1 -b .cve-2007-4730 (#286081) ", "published": "2007-09-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2007-0898.html", "cvelist": ["CVE-2007-4730"], "lastseen": "2016-09-04T11:16:33"}], "nessus": [{"id": "UBUNTU_USN-514-1.NASL", "type": "nessus", "title": "Ubuntu 6.06 LTS : xorg-server vulnerability (USN-514-1)", "description": "Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2007-11-10T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=28119", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:45:21"}, {"id": "CENTOS_RHSA-2007-0898.NASL", "type": "nessus", "title": "CentOS 4 : xorg-x11 (CESA-2007:0898)", "description": "Updated X.org packages that correct a flaw in X.Org's composite extension are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nX.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.\n\nA flaw was found in the way X.Org's composite extension handles 32 bit color depth windows while running in 16 bit color depth mode. If an X.org server has enabled the composite extension, it may be possible for a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-4730)\n\nPlease note this flaw can only be triggered when using a compositing window manager. Red Hat Enterprise Linux 4 does not ship with a compositing window manager.\n\nUsers of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to these issues.", "published": "2007-09-24T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=26076", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:37:02"}, {"id": "ORACLELINUX_ELSA-2007-0898.NASL", "type": "nessus", "title": "Oracle Linux 4 : xorg-x11 (ELSA-2007-0898)", "description": "From Red Hat Security Advisory 2007:0898 :\n\nUpdated X.org packages that correct a flaw in X.Org's composite extension are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nX.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.\n\nA flaw was found in the way X.Org's composite extension handles 32 bit color depth windows while running in 16 bit color depth mode. If an X.org server has enabled the composite extension, it may be possible for a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-4730)\n\nPlease note this flaw can only be triggered when using a compositing window manager. Red Hat Enterprise Linux 4 does not ship with a compositing window manager.\n\nUsers of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to these issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67572", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:41:20"}, {"id": "SL_20070919_XORG_X11_ON_SL4_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : xorg-x11 on SL4.x i386/x86_64", "description": "A flaw was found in the way X.Org's composite extension handles 32 bit color depth windows while running in 16 bit color depth mode. If an X.org server has enabled the composite extension, it may be possible for a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-4730)\n\nPlease note this flaw can only be triggered when using a compositing window manager. Scientific Linux 4 does not ship with a compositing window manager.", "published": "2012-08-01T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=60254", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:35:22"}, {"id": "GENTOO_GLSA-200710-16.NASL", "type": "nessus", "title": "GLSA-200710-16 : X.Org X server: Composite local privilege escalation", "description": "The remote host is affected by the vulnerability described in GLSA-200710-16 (X.Org X server: Composite local privilege escalation)\n\n Aaron Plattner discovered a buffer overflow in the compNewPixmap() function when copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.\n Impact :\n\n A local attacker could execute arbitrary code with the privileges of the user running the X server, typically root.\n Workaround :\n\n Disable the Composite extension by setting ' Option 'Composite' 'disable' ' in the Extensions section of xorg.conf.\n Note: This could affect the functionality of some applications.", "published": "2007-10-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=27051", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:44:08"}, {"id": "MANDRAKE_MDKSA-2007-178.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : x11-server (MDKSA-2007:178)", "description": "Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which if exploited could lead to local privilege escalation.\n\nUpdated packages have been patched to prevent these issues.", "published": "2007-09-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=26045", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:40:47"}, {"id": "REDHAT-RHSA-2007-0898.NASL", "type": "nessus", "title": "RHEL 4 : xorg-x11 (RHSA-2007:0898)", "description": "Updated X.org packages that correct a flaw in X.Org's composite extension are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nX.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.\n\nA flaw was found in the way X.Org's composite extension handles 32 bit color depth windows while running in 16 bit color depth mode. If an X.org server has enabled the composite extension, it may be possible for a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-4730)\n\nPlease note this flaw can only be triggered when using a compositing window manager. Red Hat Enterprise Linux 4 does not ship with a compositing window manager.\n\nUsers of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to these issues.", "published": "2007-09-24T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=26111", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:40:35"}, {"id": "DEBIAN_DSA-1372.NASL", "type": "nessus", "title": "Debian DSA-1372-1 : xorg-server - buffer overflow", "description": "Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation.\n\nThe oldstable distribution (sarge) is not affected by this problem.", "published": "2007-09-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=26033", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-29T13:46:02"}, {"id": "SUSE_XORG-X11-4485.NASL", "type": "nessus", "title": "SuSE 10 Security Update : X.org X11 (ZYPP Patch Number 4485)", "description": "This update fixes the following issues :\n\nX Font Server build_range() Integer Overflow Vulnerability [IDEF2708] (CVE-2007-4989), X Font Server swap_char2b() Heap Overflow Vulnerability [IDEF2709] (CVE-2007-4990), Composite extension buffer overflow. (CVE-2007-4730)", "published": "2007-12-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=29603", "cvelist": ["CVE-2007-4730", "CVE-2007-4990", "CVE-2007-4568"], "lastseen": "2017-10-29T13:36:55"}], "osvdb": [{"id": "OSVDB:37726", "type": "osvdb", "title": "X.org X11 compalloc.c compNewPixmap Function Composite Pixmap Handling Local Overflow", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://bugs.freedesktop.org/show_bug.cgi?id=7447\nSecurity Tracker: 1018665\n[Secunia Advisory ID:26743](https://secuniaresearch.flexerasoftware.com/advisories/26743/)\n[Secunia Advisory ID:26755](https://secuniaresearch.flexerasoftware.com/advisories/26755/)\n[Secunia Advisory ID:26823](https://secuniaresearch.flexerasoftware.com/advisories/26823/)\n[Secunia Advisory ID:26897](https://secuniaresearch.flexerasoftware.com/advisories/26897/)\n[Secunia Advisory ID:27147](https://secuniaresearch.flexerasoftware.com/advisories/27147/)\n[Secunia Advisory ID:27228](https://secuniaresearch.flexerasoftware.com/advisories/27228/)\n[Secunia Advisory ID:27179](https://secuniaresearch.flexerasoftware.com/advisories/27179/)\n[Secunia Advisory ID:26763](https://secuniaresearch.flexerasoftware.com/advisories/26763/)\n[Secunia Advisory ID:26859](https://secuniaresearch.flexerasoftware.com/advisories/26859/)\nRedHat RHSA: RHSA-2007:0898\nOther Advisory URL: http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00001.html\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-September/000243.html\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-394.htm\nOther Advisory URL: https://issues.rpath.com/browse/RPL-1728\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:178\nOther Advisory URL: http://www.ubuntu.com/usn/usn-514-1\nOther Advisory URL: http://www.debian.org/security/2007/dsa-1372\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00134.html\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:178\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200710-16.xml\nMail List Post: http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html\nISS X-Force ID: 36535\nFrSIRT Advisory: ADV-2007-3098\n[CVE-2007-4730](https://vulners.com/cve/CVE-2007-4730)\nBugtraq ID: 25606\n", "published": "2007-09-06T16:17:07", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:37726", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-04-28T13:20:33"}], "gentoo": [{"id": "GLSA-200710-16", "type": "gentoo", "title": "X.Org X server: Composite local privilege escalation", "description": "### Background\n\nThe X Window System is a graphical windowing system based on a client/server model. \n\n### Description\n\nAaron Plattner discovered a buffer overflow in the compNewPixmap() function when copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. \n\n### Impact\n\nA local attacker could execute arbitrary code with the privileges of the user running the X server, typically root. \n\n### Workaround\n\nDisable the Composite extension by setting ' Option \"Composite\" \"disable\" ' in the Extensions section of xorg.conf. \n\nNote: This could affect the functionality of some applications. \n\n### Resolution\n\nAll X.Org X server users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-base/xorg-server-1.3.0.0-r1\"", "published": "2007-10-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200710-16", "cvelist": ["CVE-2007-4730"], "lastseen": "2016-09-06T19:47:02"}], "centos": [{"id": "CESA-2007:0898", "type": "centos", "title": "xorg security update", "description": "**CentOS Errata and Security Advisory** CESA-2007:0898\n\n\nX.org is an open source implementation of the X Window System. It provides\r\nthe basic low-level functionality that full-fledged graphical user\r\ninterfaces are designed upon.\r\n\r\nA flaw was found in the way X.Org's composite extension handles 32 bit\r\ncolor depth windows while running in 16 bit color depth mode. If an X.org\r\nserver has enabled the composite extension, it may be possible for a\r\nmalicious authorized client to cause a denial of service (crash) or\r\npotentially execute arbitrary code with the privileges of the X.org server.\r\n(CVE-2007-4730)\r\n\r\nPlease note this flaw can only be triggered when using a compositing window\r\nmanager. Red Hat Enterprise Linux 4 does not ship with a compositing window\r\nmanager.\r\n\r\nUsers of X.org should upgrade to these updated packages, which contain a\r\nbackported patch and are not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-September/014213.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-September/014214.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-September/014231.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-September/014232.html\n\n**Affected packages:**\nxorg-x11\nxorg-x11-Mesa-libGL\nxorg-x11-Mesa-libGLU\nxorg-x11-Xdmx\nxorg-x11-Xnest\nxorg-x11-Xvfb\nxorg-x11-deprecated-libs\nxorg-x11-deprecated-libs-devel\nxorg-x11-devel\nxorg-x11-doc\nxorg-x11-font-utils\nxorg-x11-libs\nxorg-x11-sdk\nxorg-x11-tools\nxorg-x11-twm\nxorg-x11-xauth\nxorg-x11-xdm\nxorg-x11-xfs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0898.html", "published": "2007-09-19T20:09:53", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2007-September/014213.html", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-10-12T14:45:00"}], "redhat": [{"id": "RHSA-2007:0898", "type": "redhat", "title": "(RHSA-2007:0898) Moderate: xorg-x11 security update", "description": "X.org is an open source implementation of the X Window System. It provides\r\nthe basic low-level functionality that full-fledged graphical user\r\ninterfaces are designed upon.\r\n\r\nA flaw was found in the way X.Org's composite extension handles 32 bit\r\ncolor depth windows while running in 16 bit color depth mode. If an X.org\r\nserver has enabled the composite extension, it may be possible for a\r\nmalicious authorized client to cause a denial of service (crash) or\r\npotentially execute arbitrary code with the privileges of the X.org server.\r\n(CVE-2007-4730)\r\n\r\nPlease note this flaw can only be triggered when using a compositing window\r\nmanager. Red Hat Enterprise Linux 4 does not ship with a compositing window\r\nmanager.\r\n\r\nUsers of X.org should upgrade to these updated packages, which contain a\r\nbackported patch and are not vulnerable to these issues.", "published": "2007-09-19T04:00:00", "cvss": {"score": 4.3, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2007:0898", "cvelist": ["CVE-2007-4730"], "lastseen": "2017-09-09T07:19:51"}], "suse": [{"id": "SUSE-SA:2007:054", "type": "suse", "title": "local privilege escalation in XOrg", "description": "The Xorg server was updated to fix 2 problems in the X FontServer found in Xorg versions starting with 6.8 and in the Composite extension.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2007-10-12T16:41:18", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00001.html", "cvelist": ["CVE-2007-4730", "CVE-2007-4990", "CVE-2007-4989", "CVE-2007-4568"], "lastseen": "2016-09-04T12:20:26"}]}}