NVD

Id
56688  
Name
CVE-2007-4568  
Description
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-10-05  
Modified Date
2011-03-07  
Seq
2007-4568  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
288889 56688 CVE-2007-4568 http://bugs.freedesktop.org/show_bug.cgi?id=12298  View
288890 56688 CVE-2007-4568 http://bugs.gentoo.org/show_bug.cgi?id=194606  View
288891 56688 CVE-2007-4568 http://docs.info.apple.com/article.html?artnum=307430  View
288892 56688 CVE-2007-4568 http://docs.info.apple.com/article.html?artnum=307562  View
288893 56688 CVE-2007-4568 20071002 Multiple Vendor X Font Server Multiple Vulnerabilities  View
288894 56688 CVE-2007-4568 APPLE-SA-2008-02-11  View
288895 56688 CVE-2007-4568 APPLE-SA-2008-03-18  View
288896 56688 CVE-2007-4568 [xorg-announce] 20071002 [ANNOUNCE] X.Org security advisory: multiple vulnerabilities in X font server  View
288897 56688 CVE-2007-4568 oval:org.mitre.oval:def:10882  View
288898 56688 CVE-2007-4568 GLSA-200710-11  View
288899 56688 CVE-2007-4568 103114  View
288900 56688 CVE-2007-4568 200642  View
288901 56688 CVE-2007-4568 DSA-1385  View
288902 56688 CVE-2007-4568 MDKSA-2007:210  View
288903 56688 CVE-2007-4568 SUSE-SA:2007:054  View
288904 56688 CVE-2007-4568 RHSA-2008:0029  View
288905 56688 CVE-2007-4568 RHSA-2008:0030  View
288906 56688 CVE-2007-4568 20071003 rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs  View
288907 56688 CVE-2007-4568 25898  View
288908 56688 CVE-2007-4568 1018763  View
288909 56688 CVE-2007-4568 TA08-043B  View
288910 56688 CVE-2007-4568 ADV-2007-3337  View
288911 56688 CVE-2007-4568 ADV-2007-3338  View
288912 56688 CVE-2007-4568 ADV-2007-3467  View
288913 56688 CVE-2007-4568 ADV-2008-0495  View
288914 56688 CVE-2007-4568 ADV-2008-0924  View
288915 56688 CVE-2007-4568 xfs-protocol-requests-bo(36919)  View
288916 56688 CVE-2007-4568 https://issues.rpath.com/browse/RPL-1756  View
288917 56688 CVE-2007-4568 FEDORA-2007-4263  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52107 JVNDB-2007-000770 X Font Server の build_range() 関数における整数オーバーフローの脆弱性 X.Org の X Font Server (xfs) には、build_range() 関数において、不正な値の QueryXBitmaps および QueryXExtents プロトコルリクエストを処理した際に、整数オーバーフローが発生する脆弱性が存在します。 CVE-2007-4568 27923 CVE-2007-4568 56688 6.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000770.html 2007-10-05 2008-11-20 View