CVE-2007-1667

2007-03-24 22:19:00 2018-10-16 18:40:01

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Imagemagick Imagemagick (not an official CPE) X.org Libx11 1.0.2 (not an official CPE)

Imagemagick - Imagemagick X.org - Libx11

Advisory	Patch	Confirmed	Link
			https://issues.rpath.com/browse/RPL-1211
			https://issues.rpath.com/browse/RPL-1213
			https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231...
			ADV-2007-1531
			ADV-2007-1217
			USN-481-1
			USN-453-2
			1017864
			USN-453-1
			23300
			20070405 FLEA-2007-0009-1: xorg-x11 freetype
			20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fon...
			RHSA-2007:0157
			RHSA-2007:0126
			[4.0] 011: SECURITY FIX: April 4, 2007
			SUSE-SR:2007:008
			[3.9] 021: SECURITY FIX: April 4, 2007
			SUSE-SA:2007:027
			MDKSA-2007:147
			MDKSA-2007:079
			GLSA-200805-07
			DSA-1858
			DSA-1294
			http://support.apple.com/kb/HT3438
			http://support.avaya.com/elmodocs2/security/ASA-2007-176...
			GLSA-200705-06
			102888
			RHSA-2007:0125
			[xorg-announce] 20070403 various integer overflow vulner...
			APPLE-SA-2009-02-12
			http://issues.foresightlinux.org/browse/FL-223
			http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045

CVE-2007-1667

2007-03-24 22:19:00 2018-10-16 18:40:01

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)