exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2007-4568

Status Candidate

Overview

Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.

Related Files

Mandriva Linux Security Advisory 2007.210
Posted Nov 7, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

tags | advisory, overflow, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2007-4568, CVE-2007-4990
SHA-256 | 3590d95e704a2b4bb5d685df07d508326a9d5921828ec1b7d94910404cf25c19
Gentoo Linux Security Advisory 200710-11
Posted Oct 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-11 - iDefense reported that the xfs init script does not correctly handle a race condition when setting permissions of a temporary file. Sean Larsson discovered an integer overflow vulnerability in the build_range() function possibly leading to a heap-based buffer overflow when handling QueryXBitmaps and QueryXExtents protocol requests. Sean Larsson also discovered an error in the swap_char2b() function possibly leading to a heap corruption when handling the same protocol requests. Versions less than 1.0.5 are affected.

tags | advisory, overflow, protocol
systems | linux, gentoo
advisories | CVE-2007-3103, CVE-2007-4568, CVE-2007-4990
SHA-256 | 511f463b3188bb6e41c1e0acef1a8578132acf147999f05fdb2f1f68b185056e
Debian Linux Security Advisory 1385-1
Posted Oct 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1385-1 Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-4568
SHA-256 | 7d2351d6bbaaa26298488b154c33c30a4f4f804aa58415cb559dec4380f72994
iDEFENSE Security Advisory 2007-10-02.1
Posted Oct 3, 2007
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 10.02.07 - Remote exploitation of a multiple vulnerabilities in X.Org Foundation's X Font Server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code. iDefense has confirmed the existence of these vulnerabilities in XFS version X11R7.2-1.0.4. Previous versions may also be affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2007-4568
SHA-256 | efa2e92184226bbbf67acb9bc96f53bb0476cd59fd1e3b59af0eef6729674b00
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close