CVE-2007-6429 - CVE Reference - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

CVE Reference: CVE-2007-6429

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6429

Description: Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39763 http://xforce.iss.net/xforce/xfdb/39764 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-571-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1 ST 1019232 SAID Secunia Advisory: SA29420 Secunia Advisory: SA29139 Secunia Advisory: SA28941 Secunia Advisory: SA28885 Secunia Advisory: SA28843 Secunia Advisory: SA28838 Secunia Advisory: SA28718 Secunia Advisory: SA28693 Secunia Advisory: SA28584 Secunia Advisory: SA28616 Secunia Advisory: SA28592 Secunia Advisory: SA28273 Secunia Advisory: SA28550 Secunia Advisory: SA28543 Secunia Advisory: SA28542 Secunia Advisory: SA28540 Secunia Advisory: SA28539 Secunia Advisory: SA28536 Secunia Advisory: SA28535 Secunia Advisory: SA28532 Secunia Advisory: SA29622 Secunia Advisory: SA29707 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0031.html http://www.redhat.com/support/errata/RHSA-2008-0030.html http://www.redhat.com/support/errata/RHSA-2008-0029.html OPENBSD http://www.openbsd.org/errata41.html#012_xorg http://www.openbsd.org/errata42.html#006_xorg MLIST http://lists.freedesktop.org/archives/xorg/2008-January/031918.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:023 http://www.mandriva.com/security/advisories?name=MDVSA-2008:025 http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645 GENTOO http://security.gentoo.org/glsa/glsa-200804-05.xml http://security.gentoo.org/glsa/glsa-200801-09.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1466 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm http://bugs.gentoo.org/show_bug.cgi?id=204362 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/487335/100/0/threaded BID 27353 27350 27336 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel Multiple Vulnerabilities

2.	TYPO3 sr_feuser_regis ter Extension Multiple Vulnerabilities

3.	Drupal Site Documentation Module Information Disclosure

4.	Oracle Application Server Portal Authentication Bypass

5.	Debian OpenSSL Predictable Random Number Generator and Update

6.	Cisco Unified Presence SIP Proxy Service Denial of Service

7.	Citrix Presentation Server Weakness and Unauthorised Access

8.	Fedora update for kernel

9.	Cisco Catalyst Content Switching Module Memory Leak Vulnerability

10.	LANAI CMS Multiple File Extensions Vulnerability