CVE-2007-6429 – xfree86: integer overflow in EVI extension

https://notcve.org/view.php?id=CVE-2007-6429

18 Jan 2008 — Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. Múltiples desbordamientos de búfer en X.Org Xserver versiones anteriores a 1.4.1 permiten a atacantes l... • http://bugs.gentoo.org/show_bug.cgi?id=204362 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •