FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-6429

This CVE name corresponds to:

Entered Topic
2008-01-23 xorg -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-6429
Phase Assigned (20071218)

Description

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

References

Source Reference
IDEFENSE 20080117 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities
BUGTRAQ 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=204362
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm
CONFIRM https://issues.rpath.com/browse/RPL-2010
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm
CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
APPLE APPLE-SA-2008-03-18
DEBIAN DSA-1466
FEDORA FEDORA-2008-0760
FEDORA FEDORA-2008-0831
GENTOO GLSA-200801-09
GENTOO GLSA-200804-05
GENTOO GLSA-200805-07
HP HPSBUX02381
HP SSRT080083
MANDRIVA MDVSA-2008:021
MANDRIVA MDVSA-2008:022
MANDRIVA MDVSA-2008:023
MANDRIVA MDVSA-2008:025
OPENBSD [4.1] 20080208 012: SECURITY FIX: February 8, 2008
OPENBSD [4.2] 20080208 006: SECURITY FIX: February 8, 2008
REDHAT RHSA-2008:0029
REDHAT RHSA-2008:0030
REDHAT RHSA-2008:0031
SUNALERT 103200
SUNALERT 200153
SUSE SUSE-SA:2008:003
SUSE SUSE-SR:2008:003
SUSE SUSE-SR:2008:008
UBUNTU USN-571-1
BID 27336
BID 27350
BID 27353
OVAL oval:org.mitre.oval:def:11045
SECUNIA 32545
VUPEN ADV-2008-0179
VUPEN ADV-2008-0184
VUPEN ADV-2008-0497
VUPEN ADV-2008-0703
VUPEN ADV-2008-0924
SECTRACK 1019232
SECUNIA 28532
SECUNIA 28535
SECUNIA 28536
SECUNIA 28539
SECUNIA 28540
SECUNIA 28542
SECUNIA 28543
SECUNIA 28550
SECUNIA 28273
SECUNIA 28592
SECUNIA 28616
SECUNIA 28584
SECUNIA 28693
SECUNIA 28718
SECUNIA 28838
SECUNIA 28843
SECUNIA 28885
SECUNIA 28941
SECUNIA 29139
SECUNIA 29420
SECUNIA 29622
SECUNIA 29707
SECUNIA 30161
VUPEN ADV-2008-3000
XF xorg-evi-bo(39763)
XF xorg-mitshm-overflow(39764)