CVE - CVE-2007-1003

CVE-ID
CVE-2007-1003	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1017857 URL:http://www.securitytracker.com/id?1017857 MISC:102886 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1~~ (Obsolete source) MISC:20070403 Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=503 MISC:20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs URL:http://www.securityfocus.com/archive/1/464686/100/0/threaded MISC:20070405 FLEA-2007-0009-1: xorg-x11 freetype URL:http://www.securityfocus.com/archive/1/464816/100/0/threaded MISC:23284 URL:http://www.securityfocus.com/bid/23284 MISC:23300 URL:http://www.securityfocus.com/bid/23300 MISC:24741 URL:http://secunia.com/advisories/24741 MISC:24745 URL:http://secunia.com/advisories/24745 MISC:24756 URL:http://secunia.com/advisories/24756 MISC:24758 URL:http://secunia.com/advisories/24758 MISC:24765 URL:http://secunia.com/advisories/24765 MISC:24770 URL:http://secunia.com/advisories/24770 MISC:24771 URL:http://secunia.com/advisories/24771 MISC:24772 URL:http://secunia.com/advisories/24772 MISC:24791 URL:http://secunia.com/advisories/24791 MISC:25004 URL:http://secunia.com/advisories/25004 MISC:25006 URL:http://secunia.com/advisories/25006 MISC:25195 URL:http://secunia.com/advisories/25195 MISC:25216 URL:http://secunia.com/advisories/25216 MISC:25305 URL:http://secunia.com/advisories/25305 MISC:29622 URL:http://secunia.com/advisories/29622 MISC:ADV-2007-1217 URL:~~http://www.vupen.com/english/advisories/2007/1217~~ (Obsolete source) MISC:ADV-2007-1548 URL:~~http://www.vupen.com/english/advisories/2007/1548~~ (Obsolete source) MISC:DSA-1294 URL:http://www.debian.org/security/2007/dsa-1294 MISC:GLSA-200705-10 URL:http://security.gentoo.org/glsa/glsa-200705-10.xml MISC:MDKSA-2007:079 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:079~~ (Obsolete source) MISC:MDKSA-2007:080 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:080~~ (Obsolete source) MISC:RHSA-2007:0125 URL:http://rhn.redhat.com/errata/RHSA-2007-0125.html MISC:RHSA-2007:0126 URL:http://www.redhat.com/support/errata/RHSA-2007-0126.html MISC:RHSA-2007:0127 URL:http://www.redhat.com/support/errata/RHSA-2007-0127.html MISC:SUSE-SA:2007:027 URL:http://www.novell.com/linux/security/advisories/2007_27_x.html MISC:SUSE-SR:2008:008 URL:http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html MISC:USN-448-1 URL:http://www.ubuntu.com/usn/usn-448-1 MISC:[3.9] 021: SECURITY FIX: April 4, 2007 URL:http://www.openbsd.org/errata39.html#021_xorg MISC:[4.0] 011: SECURITY FIX: April 4, 2007 URL:http://www.openbsd.org/errata40.html#011_xorg MISC:[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont URL:http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html MISC:http://issues.foresightlinux.org/browse/FL-223 URL:http://issues.foresightlinux.org/browse/FL-223 MISC:http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm MISC:https://issues.rpath.com/browse/RPL-1213 URL:https://issues.rpath.com/browse/RPL-1213 MISC:oval:org.mitre.oval:def:1980 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1980 MISC:oval:org.mitre.oval:def:9798 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9798 MISC:xorg-xcmisc-overflow(33424) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/33424
Assigning CNA
Red Hat, Inc.
Date Record Created
20070216	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070216)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)