CVE-2007-4730

X.org composite extension buffer overflow

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.

Desbordamiento de búfer en la función compNewPixmap de compalloc.c en la extensión Composite para el servidor X11 X.org anterior a 1.4 permite a usuarios locales ejecutar código de su elección copiando datos de un mapa de píxeles con gran profundidad de píxel (pixel depth) a un mapa con profundidad menor.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-09-05 CVE Reserved
2007-09-09 CVE Published
2024-08-07 CVE Updated
2024-11-06 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (32)

URL	Tag	Source
http://bugs.freedesktop.org/show_bug.cgi?id=7447	X_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=191964	X_refsource_confirm
http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html	Mailing List
http://osvdb.org/37726	Vdb Entry
http://secunia.com/advisories/26763	Third Party Advisory
http://secunia.com/advisories/26823	Third Party Advisory
http://secunia.com/advisories/26859	Third Party Advisory
http://secunia.com/advisories/26897	Third Party Advisory
http://secunia.com/advisories/27147	Third Party Advisory
http://secunia.com/advisories/27179	Third Party Advisory
http://secunia.com/advisories/27228	Third Party Advisory
http://secunia.com/advisories/30161	Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-394.htm	X_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0187	X_refsource_confirm
http://www.securityfocus.com/bid/25606	Vdb Entry
http://www.securitytracker.com/id?1018665	Vdb Entry
http://www.vupen.com/english/advisories/2007/3098	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/36535	Vdb Entry
https://issues.rpath.com/browse/RPL-1728	X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10430	Signature

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/26743	2017-09-29
http://secunia.com/advisories/26755	2017-09-29
http://www.debian.org/security/2007/dsa-1372	2017-09-29

URL	Date	SRC
http://security.gentoo.org/glsa/glsa-200710-16.xml	2017-09-29
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml	2017-09-29
http://www.mandriva.com/security/advisories?name=MDKSA-2007:178	2017-09-29
http://www.mandriva.com/security/advisories?name=MDVSA-2008:022	2017-09-29
http://www.novell.com/linux/security/advisories/2007_54_xorg.html	2017-09-29
http://www.redhat.com/support/errata/RHSA-2007-0898.html	2017-09-29
http://www.ubuntu.com/usn/usn-514-1	2017-09-29
https://access.redhat.com/security/cve/CVE-2007-4730	2007-09-19
https://bugzilla.redhat.com/show_bug.cgi?id=285991	2007-09-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
X.org Search vendor "X.org"		Xorg-server Search vendor "X.org" for product "Xorg-server"				1.01 Search vendor "X.org" for product "Xorg-server" and version "1.01"		-		Affected
X.org Search vendor "X.org"		Xorg-server Search vendor "X.org" for product "Xorg-server"				1.1 Search vendor "X.org" for product "Xorg-server" and version "1.1"		-		Affected
X.org Search vendor "X.org"		Xorg-server Search vendor "X.org" for product "Xorg-server"				1.02 Search vendor "X.org" for product "Xorg-server" and version "1.02"		-		Affected
X.org Search vendor "X.org"		Xorg-server Search vendor "X.org" for product "Xorg-server"				1.2 Search vendor "X.org" for product "Xorg-server" and version "1.2"		-		Affected
X.org Search vendor "X.org"		Xorg-server Search vendor "X.org" for product "Xorg-server"				1.3 Search vendor "X.org" for product "Xorg-server" and version "1.3"		-		Affected