Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2007-4730

Published: 11/09/2007 Updated: 29/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 6.4 | Exploitability Score: 3.1
VMScore: 383
Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P
Subscribe to X.org

Vulnerability Summary

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server prior to 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.

Vulnerable Product Search on Vulmon Subscribe to Product

x.org xorg-server 1.01

x.org xorg-server 1.02

x.org xorg-server 1.1

x.org xorg-server 1.2

x.org xorg-server 1.3

Vendor Advisories

Ubuntu Security Notice: xorg-server vulnerability
Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths An authenticated user could exploit this to execute arbitrary code with root privileges ...
Debian Security Advisories: DSA-1372-1 xorg-server -- buffer overflow
Aaron Plattner discovered a buffer overflow in the Composite extension of the Xorg X server, which can lead to local privilege escalation The oldstable distribution (sarge) is not affected by this problem For the stable distribution (etch) this problem has been fixed in version 111-21etch1 For the unstable distribution (sid) this problem will ...

References

CWE-119http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.htmlhttp://bugs.freedesktop.org/show_bug.cgi?id=7447http://www.debian.org/security/2007/dsa-1372http://secunia.com/advisories/26743http://secunia.com/advisories/26755https://issues.rpath.com/browse/RPL-1728http://support.avaya.com/elmodocs2/security/ASA-2007-394.htmhttp://bugs.gentoo.org/show_bug.cgi?id=191964http://security.gentoo.org/glsa/glsa-200710-16.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:178http://www.redhat.com/support/errata/RHSA-2007-0898.htmlhttp://www.novell.com/linux/security/advisories/2007_54_xorg.htmlhttp://www.ubuntu.com/usn/usn-514-1http://www.securityfocus.com/bid/25606http://www.securitytracker.com/id?1018665http://secunia.com/advisories/26763http://secunia.com/advisories/26823http://secunia.com/advisories/26897http://secunia.com/advisories/26859http://secunia.com/advisories/27147http://secunia.com/advisories/27179http://secunia.com/advisories/27228http://www.mandriva.com/security/advisories?name=MDVSA-2008:022http://www.gentoo.org/security/en/glsa/glsa-200805-07.xmlhttp://secunia.com/advisories/30161http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0187http://osvdb.org/37726http://www.vupen.com/english/advisories/2007/3098https://exchange.xforce.ibmcloud.com/vulnerabilities/36535https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10430https://usn.ubuntu.com/514-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook