CVE-2007-0653

Published: 21/03/2007 Updated: 16/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote malicious users to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption.

Vulnerable Product

x_multimedia_system x_multimedia_system 1.2.10

Vendor Advisories

Sven Krewitt of Secunia Research discovered that XMMS did not correctly handle BMP images when loading GUI skins. If a user were tricked into loading a specially crafted skin, a remote attacker could execute arbitrary code with user privileges ...
Multiple errors have been found in the skin handling routines in xmms, the X Multimedia System. These vulnerabilities could allow an attacker to run arbitrary code as the user running xmms by inducing the victim to load specially crafted interface skin files. For the stable distribution (sarge), these problems have been fixed in version 1210+cvs2 ...