CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
94.0%
CentOS Errata and Security Advisory CESA-2007:0157
X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.
An integer overflow flaw was found in the X.org XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667)
Users of the X.org X11 server should upgrade to these updated packages,
which contain a backported patch and are not vulnerable to this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-April/075854.html
https://lists.centos.org/pipermail/centos-announce/2007-April/075855.html
Affected packages:
libX11
libX11-devel
xorg-x11-apps
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0157
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | libx11 | < 1.0.3-8.0.1.el5 | libX11-1.0.3-8.0.1.el5.i386.rpm |
CentOS | 5 | x86_64 | libx11 | < 1.0.3-8.0.1.el5 | libX11-1.0.3-8.0.1.el5.x86_64.rpm |
CentOS | 5 | i386 | libx11-devel | < 1.0.3-8.0.1.el5 | libX11-devel-1.0.3-8.0.1.el5.i386.rpm |
CentOS | 5 | x86_64 | libx11-devel | < 1.0.3-8.0.1.el5 | libX11-devel-1.0.3-8.0.1.el5.x86_64.rpm |
CentOS | 5 | x86_64 | xorg-x11-apps | < 7.1-4.0.1.el5 | xorg-x11-apps-7.1-4.0.1.el5.x86_64.rpm |
CentOS | 5 | i386 | libx11 | < 1.0.3-8.0.1.el5 | libX11-1.0.3-8.0.1.el5.i386.rpm |
CentOS | 5 | i386 | libx11-devel | < 1.0.3-8.0.1.el5 | libX11-devel-1.0.3-8.0.1.el5.i386.rpm |
CentOS | 5 | i386 | xorg-x11-apps | < 7.1-4.0.1.el5 | xorg-x11-apps-7.1-4.0.1.el5.i386.rpm |