FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-5760

This CVE name corresponds to:

Entered Topic
2008-01-23 xorg -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-5760 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-5760
Phase Assigned(20071031)

Description

Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.

References

Source Reference
IDEFENSE 20080117 Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability
BUGTRAQ 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=204362
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm
CONFIRM https://issues.rpath.com/browse/RPL-2010
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm
DEBIAN DSA-1466
FEDORA FEDORA-2008-0760
FEDORA FEDORA-2008-0831
GENTOO GLSA-200801-09
GENTOO GLSA-200804-05
GENTOO GLSA-200805-07
MANDRIVA MDVSA-2008:022
MANDRIVA MDVSA-2008:023
MANDRIVA MDVSA-2008:025
OPENBSD [4.1] 20080208 012: SECURITY FIX: February 8, 2008
OPENBSD [4.2] 20080208 006: SECURITY FIX: February 8, 2008
REDHAT RHSA-2008:0030
REDHAT RHSA-2008:0031
SUNALERT 103200
SUNALERT 200153
SUSE SUSE-SA:2008:003
UBUNTU USN-571-1
BID 27336
BID 27354
OVAL oval:org.mitre.oval:def:11718
VUPEN ADV-2008-0179
VUPEN ADV-2008-0184
VUPEN ADV-2008-0497
SECTRACK 1019232
SECUNIA 28532
SECUNIA 28535
SECUNIA 28536
SECUNIA 28539
SECUNIA 28540
SECUNIA 28543
SECUNIA 28550
SECUNIA 28273
SECUNIA 28592
SECUNIA 28616
SECUNIA 28584
SECUNIA 28693
SECUNIA 28718
SECUNIA 28843
SECUNIA 28885
SECUNIA 28941
SECUNIA 29707
SECUNIA 30161
XF xorg-xfree86misc-code-execution(39766)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.