4.3
CVSSv2

CVE-2007-4730

Published: 11/09/2007 Updated: 29/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 6.4 | Exploitability Score: 3.1
VMScore: 383
Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server prior to 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.

Vendor Advisories

Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths An authenticated user could exploit this to execute arbitrary code with root privileges ...
Aaron Plattner discovered a buffer overflow in the Composite extension of the Xorg X server, which can lead to local privilege escalation The oldstable distribution (sarge) is not affected by this problem For the stable distribution (etch) this problem has been fixed in version 111-21etch1 For the unstable distribution (sid) this problem will ...

References

CWE-119http://bugs.freedesktop.org/show_bug.cgi?id=7447http://bugs.gentoo.org/show_bug.cgi?id=191964http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.htmlhttp://osvdb.org/37726http://secunia.com/advisories/26743http://secunia.com/advisories/26755http://secunia.com/advisories/26763http://secunia.com/advisories/26823http://secunia.com/advisories/26859http://secunia.com/advisories/26897http://secunia.com/advisories/27147http://secunia.com/advisories/27179http://secunia.com/advisories/27228http://secunia.com/advisories/30161http://security.gentoo.org/glsa/glsa-200710-16.xmlhttp://support.avaya.com/elmodocs2/security/ASA-2007-394.htmhttp://wiki.rpath.com/wiki/Advisories:rPSA-2007-0187http://www.debian.org/security/2007/dsa-1372http://www.gentoo.org/security/en/glsa/glsa-200805-07.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:178http://www.mandriva.com/security/advisories?name=MDVSA-2008:022http://www.novell.com/linux/security/advisories/2007_54_xorg.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0898.htmlhttp://www.securityfocus.com/bid/25606http://www.securitytracker.com/id?1018665http://www.ubuntu.com/usn/usn-514-1http://www.vupen.com/english/advisories/2007/3098https://exchange.xforce.ibmcloud.com/vulnerabilities/36535https://issues.rpath.com/browse/RPL-1728https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10430https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2007-4730https://usn.ubuntu.com/514-1/https://nvd.nist.govhttps://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2007-0898