CVE-2007-1667 Information

Feb 14, 2021 cve

Description

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3 and (2) XInitImage function in xwd.c for ImageMagick allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045 http://issues.foresightlinux.org/browse/FL-223 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://secunia.com/advisories/24739 http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/24756 http://secunia.com/advisories/24758 http://secunia.com/advisories/24765 http://secunia.com/advisories/24771 http://secunia.com/advisories/24791 http://secunia.com/advisories/24953 http://secunia.com/advisories/24975 http://secunia.com/advisories/25004 http://secunia.com/advisories/25072 http://secunia.com/advisories/25112 http://secunia.com/advisories/25131 http://secunia.com/advisories/25305 http://secunia.com/advisories/25992 http://secunia.com/advisories/26177 http://secunia.com/advisories/30161 http://secunia.com/advisories/33937 http://secunia.com/advisories/36260 http://security.gentoo.org/glsa/glsa-200705-06.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1 http://support.apple.com/kb/HT3438 http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm http://www.debian.org/security/2007/dsa-1294 http://www.debian.org/security/2009/dsa-1858 http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:079 http://www.mandriva.com/security/advisories?name=MDKSA-2007:147 http://www.novell.com/linux/security/advisories/2007_27_x.html http://www.novell.com/linux/security/advisories/2007_8_sr.html http://www.openbsd.org/errata39.html021_xorg http://www.openbsd.org/errata40.html011_xorg http://www.redhat.com/support/errata/RHSA-2007-0126.html http://www.redhat.com/support/errata/RHSA-2007-0157.html http://www.securityfocus.com/archive/1/464686/100/0/threaded http://www.securityfocus.com/archive/1/464816/100/0/threaded http://www.securityfocus.com/bid/23300 http://www.securitytracker.com/id?1017864 http://www.ubuntu.com/usn/usn-453-1 http://www.ubuntu.com/usn/usn-453-2 http://www.ubuntu.com/usn/usn-481-1 http://www.vupen.com/english/advisories/2007/1217 http://www.vupen.com/english/advisories/2007/1531 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684 https://issues.rpath.com/browse/RPL-1211 https://issues.rpath.com/browse/RPL-1213 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1693 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9776

Share on: