FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-6427

This CVE name corresponds to:

Entered Topic
2008-01-23 xorg -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-6427 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-6427
Phase Assigned(20071218)

Description

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

References

Source Reference
IDEFENSE 20080117 Multiple Vendor X Server XInput Extension Multiple Memory Corruption Vulnerabilities
BUGTRAQ 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=204362
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm
CONFIRM https://issues.rpath.com/browse/RPL-2010
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm
CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
APPLE APPLE-SA-2008-03-18
DEBIAN DSA-1466
FEDORA FEDORA-2008-0760
FEDORA FEDORA-2008-0831
GENTOO GLSA-200801-09
GENTOO GLSA-200804-05
GENTOO GLSA-200805-07
HP HPSBUX02381
HP SSRT080083
MANDRIVA MDVSA-2008:021
MANDRIVA MDVSA-2008:022
MANDRIVA MDVSA-2008:023
MANDRIVA MDVSA-2008:025
OPENBSD [4.1] 20080208 012: SECURITY FIX: February 8, 2008
OPENBSD [4.2] 20080208 006: SECURITY FIX: February 8, 2008
REDHAT RHSA-2008:0029
REDHAT RHSA-2008:0030
REDHAT RHSA-2008:0031
SUNALERT 103200
SUNALERT 200153
SUSE SUSE-SA:2008:003
SUSE SUSE-SR:2008:003
SUSE SUSE-SR:2008:008
UBUNTU USN-571-1
BID 27336
BID 27351
OVAL oval:org.mitre.oval:def:10372
SECUNIA 32545
VUPEN ADV-2008-0179
VUPEN ADV-2008-0184
VUPEN ADV-2008-0497
VUPEN ADV-2008-0703
VUPEN ADV-2008-0924
SECTRACK 1019232
SECUNIA 28532
SECUNIA 28535
SECUNIA 28536
SECUNIA 28539
SECUNIA 28540
SECUNIA 28542
SECUNIA 28543
SECUNIA 28550
SECUNIA 28273
SECUNIA 28592
SECUNIA 28616
SECUNIA 28584
SECUNIA 28693
SECUNIA 28718
SECUNIA 28838
SECUNIA 28843
SECUNIA 28885
SECUNIA 28941
SECUNIA 29139
SECUNIA 29420
SECUNIA 29622
SECUNIA 29707
SECUNIA 30161
VUPEN ADV-2008-3000
XF xorg-xinput-code-execution(39759)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.