// For flags

CVE-2007-6428

xfree86: information disclosure via TOG-CUP extension

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.

La función ProcGetReservedColormapEntries de la extensión TOG-CUP de X.Org Xserver versiones anteriores a 1.4.1 permite a atacantes locales o remotos dependientes del contexto leer el contenido de ubicaciones de memoria de su elección mediante peticiones conteniendo un valor de 32 bits que se utiliza inapropiadamente como un índice de array.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-12-18 CVE Reserved
  • 2008-01-18 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-11-21 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (66)
URL Tag Source
http://bugs.gentoo.org/show_bug.cgi?id=204362 X_refsource_confirm
http://docs.info.apple.com/article.html?artnum=307562 X_refsource_confirm
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=644 Third Party Advisory
http://secunia.com/advisories/28273 Third Party Advisory
http://secunia.com/advisories/28532 Third Party Advisory
http://secunia.com/advisories/28535 Third Party Advisory
http://secunia.com/advisories/28536 Third Party Advisory
http://secunia.com/advisories/28539 Third Party Advisory
http://secunia.com/advisories/28540 Third Party Advisory
http://secunia.com/advisories/28542 Third Party Advisory
http://secunia.com/advisories/28543 Third Party Advisory
http://secunia.com/advisories/28550 Third Party Advisory
http://secunia.com/advisories/28584 Third Party Advisory
http://secunia.com/advisories/28592 Third Party Advisory
http://secunia.com/advisories/28616 Third Party Advisory
http://secunia.com/advisories/28693 Third Party Advisory
http://secunia.com/advisories/28718 Third Party Advisory
http://secunia.com/advisories/28838 Third Party Advisory
http://secunia.com/advisories/28843 Third Party Advisory
http://secunia.com/advisories/28885 Third Party Advisory
http://secunia.com/advisories/28941 Third Party Advisory
http://secunia.com/advisories/29139 Third Party Advisory
http://secunia.com/advisories/29420 Third Party Advisory
http://secunia.com/advisories/29622 Third Party Advisory
http://secunia.com/advisories/29707 Third Party Advisory
http://secunia.com/advisories/30161 Third Party Advisory
http://securitytracker.com/id?1019232 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm X_refsource_confirm
http://www.securityfocus.com/archive/1/487335/100/0/threaded Mailing List
http://www.securityfocus.com/bid/27355 Vdb Entry
http://www.vupen.com/english/advisories/2008/0179 Vdb Entry
http://www.vupen.com/english/advisories/2008/0184 Vdb Entry
http://www.vupen.com/english/advisories/2008/0497/references Vdb Entry
http://www.vupen.com/english/advisories/2008/0703 Vdb Entry
http://www.vupen.com/english/advisories/2008/0924/references Vdb Entry
http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/39761 Vdb Entry
https://issues.rpath.com/browse/RPL-2010 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11754 Signature
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html 2018-10-15
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html 2018-10-15
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html 2018-10-15
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html 2018-10-15
http://security.gentoo.org/glsa/glsa-200801-09.xml 2018-10-15
http://security.gentoo.org/glsa/glsa-200804-05.xml 2018-10-15
http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1 2018-10-15
http://www.debian.org/security/2008/dsa-1466 2018-10-15
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml 2018-10-15
http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 2018-10-15
http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 2018-10-15
http://www.mandriva.com/security/advisories?name=MDVSA-2008:023 2018-10-15
http://www.mandriva.com/security/advisories?name=MDVSA-2008:025 2018-10-15
http://www.openbsd.org/errata41.html#012_xorg 2018-10-15
http://www.openbsd.org/errata42.html#006_xorg 2018-10-15
http://www.redhat.com/support/errata/RHSA-2008-0029.html 2018-10-15
http://www.redhat.com/support/errata/RHSA-2008-0030.html 2018-10-15
http://www.redhat.com/support/errata/RHSA-2008-0031.html 2018-10-15
https://usn.ubuntu.com/571-1 2018-10-15
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html 2018-10-15
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html 2018-10-15
https://access.redhat.com/security/cve/CVE-2007-6428 2008-01-17
https://bugzilla.redhat.com/show_bug.cgi?id=413791 2008-01-17
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
X.org
Search vendor "X.org"
Tog-cup
Search vendor "X.org" for product "Tog-cup"
*-
Affected
X.org
Search vendor "X.org"
Xserver
Search vendor "X.org" for product "Xserver"
<= 1.4
Search vendor "X.org" for product "Xserver" and version " <= 1.4"
-
Affected