CVE-2007-1667

HIGH

Description

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045

http://issues.foresightlinux.org/browse/FL-223

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

http://rhn.redhat.com/errata/RHSA-2007-0125.html

http://secunia.com/advisories/24739

http://secunia.com/advisories/24741

http://secunia.com/advisories/24745

http://secunia.com/advisories/24756

http://secunia.com/advisories/24758

http://secunia.com/advisories/24765

http://secunia.com/advisories/24771

http://secunia.com/advisories/24791

http://secunia.com/advisories/24953

http://secunia.com/advisories/24975

http://secunia.com/advisories/25004

http://secunia.com/advisories/25072

http://secunia.com/advisories/25112

http://secunia.com/advisories/25131

http://secunia.com/advisories/25305

http://secunia.com/advisories/25992

http://secunia.com/advisories/26177

http://secunia.com/advisories/30161

http://secunia.com/advisories/33937

http://secunia.com/advisories/36260

http://security.gentoo.org/glsa/glsa-200705-06.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1

http://support.apple.com/kb/HT3438

http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm

http://www.debian.org/security/2007/dsa-1294

http://www.debian.org/security/2009/dsa-1858

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2007:079

http://www.mandriva.com/security/advisories?name=MDKSA-2007:147

http://www.novell.com/linux/security/advisories/2007_27_x.html

http://www.novell.com/linux/security/advisories/2007_8_sr.html

http://www.openbsd.org/errata39.html#021_xorg

http://www.openbsd.org/errata40.html#011_xorg

http://www.redhat.com/support/errata/RHSA-2007-0126.html

http://www.redhat.com/support/errata/RHSA-2007-0157.html

http://www.securityfocus.com/archive/1/464686/100/0/threaded

http://www.securityfocus.com/archive/1/464816/100/0/threaded

http://www.securityfocus.com/bid/23300

http://www.securitytracker.com/id?1017864

http://www.ubuntu.com/usn/usn-453-1

http://www.ubuntu.com/usn/usn-453-2

http://www.ubuntu.com/usn/usn-481-1

http://www.vupen.com/english/advisories/2007/1217

http://www.vupen.com/english/advisories/2007/1531

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684

https://issues.rpath.com/browse/RPL-1211

https://issues.rpath.com/browse/RPL-1213

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776

Details

Source: MITRE

Published: 2007-03-24

Updated: 2018-10-16

Type: CWE-189

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

cpe:2.3:a:x.org:libx11:*:*:*:*:*:*:*:* versions up to 1.0.2 (inclusive)

Tenable Plugins


ID | Name | Product | Family | Severity
130510 | Solaris 10 (x86) : 119060-73 | Nessus | Solaris Local Security Checks | high
130508 | Solaris 10 (sparc) : 119059-74 | Nessus | Solaris Local Security Checks | high
107806 | Solaris 10 (x86) : 119060-71 | Nessus | Solaris Local Security Checks | high
107805 | Solaris 10 (x86) : 119060-70 | Nessus | Solaris Local Security Checks | high
107804 | Solaris 10 (x86) : 119060-69 | Nessus | Solaris Local Security Checks | high
107803 | Solaris 10 (x86) : 119060-68 | Nessus | Solaris Local Security Checks | high
107802 | Solaris 10 (x86) : 119060-65 | Nessus | Solaris Local Security Checks | high
107801 | Solaris 10 (x86) : 119060-64 | Nessus | Solaris Local Security Checks | high
107304 | Solaris 10 (sparc) : 119059-72 | Nessus | Solaris Local Security Checks | high
107303 | Solaris 10 (sparc) : 119059-71 | Nessus | Solaris Local Security Checks | high
107302 | Solaris 10 (sparc) : 119059-70 | Nessus | Solaris Local Security Checks | high
107301 | Solaris 10 (sparc) : 119059-69 | Nessus | Solaris Local Security Checks | high
107300 | Solaris 10 (sparc) : 119059-66 | Nessus | Solaris Local Security Checks | high
107299 | Solaris 10 (sparc) : 119059-65 | Nessus | Solaris Local Security Checks | high
82537 | Solaris 10 (x86) : 119060-45 | Nessus | Solaris Local Security Checks | high
82536 | Solaris 10 (sparc) : 119059-46 | Nessus | Solaris Local Security Checks | high
67472 | Oracle Linux 5 : libX11 / xorg-x11-apps (ELSA-2007-0157) | Nessus | Oracle Linux Local Security Checks | high
67465 | Oracle Linux 4 : xorg-x11 (ELSA-2007-0126) | Nessus | Oracle Linux Local Security Checks | high
67464 | Oracle Linux 3 : XFree86 (ELSA-2007-0125) | Nessus | Oracle Linux Local Security Checks | high
44768 | Debian DSA-1903-1 : graphicsmagick - several vulnerabilities | Nessus | Debian Local Security Checks | critical
44723 | Debian DSA-1858-1 : imagemagick - multiple vulnerabilities | Nessus | Debian Local Security Checks | high
35684 | Mac OS X Multiple Vulnerabilities (Security Update 2009-001) | Nessus | MacOS X Local Security Checks | critical
29607 | SuSE 10 Security Update : Xorg X11 (ZYPP Patch Number 3083) | Nessus | SuSE Local Security Checks | high
29351 | SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 3131) | Nessus | SuSE Local Security Checks | high
28082 | Ubuntu 6.06 LTS / 6.10 / 7.04 : imagemagick vulnerabilities (USN-481-1) | Nessus | Ubuntu Local Security Checks | high
28050 | Ubuntu 6.06 LTS / 6.10 : libx11 vulnerability (USN-453-1) | Nessus | Ubuntu Local Security Checks | high
28045 | Ubuntu 5.10 / 6.06 LTS / 6.10 : freetype, libxfont, xorg, xorg-server vulnerabilities (USN-448-1) | Nessus | Ubuntu Local Security Checks | high
27496 | openSUSE 10 Security Update : xorg-x11-server (xorg-x11-server-3082) | Nessus | SuSE Local Security Checks | high
27108 | openSUSE 10 Security Update : ImageMagick (ImageMagick-3130) | Nessus | SuSE Local Security Checks | high
27103 | openSUSE 10 Security Update : GraphicsMagick (GraphicsMagick-3129) | Nessus | SuSE Local Security Checks | high
25750 | Mandrake Linux Security Advisory : ImageMagick (MDKSA-2007:147) | Nessus | Mandriva Local Security Checks | high
25326 | RHEL 5 : xorg-x11-apps and libX11 (RHSA-2007:0157) | Nessus | Red Hat Local Security Checks | high
25259 | Debian DSA-1294-1 : xfree86 - several vulnerabilities | Nessus | Debian Local Security Checks | high
25160 | GLSA-200705-06 : X.Org X11 library: Multiple integer overflows | Nessus | Gentoo Local Security Checks | high
25044 | CentOS 5 : xorg-x11-apps / libX11 (CESA-2007:0157) | Nessus | CentOS Local Security Checks | high
25006 | CentOS 4 : xorg (CESA-2007:0126) | Nessus | CentOS Local Security Checks | high
24950 | RHEL 4 : xorg-x11 (RHSA-2007:0126) | Nessus | Red Hat Local Security Checks | high
24949 | RHEL 2.1 / 3 : XFree86 (RHSA-2007:0125) | Nessus | Red Hat Local Security Checks | high
24946 | Mandrake Linux Security Advisory : tightvnc (MDKSA-2007:080-1) | Nessus | Mandriva Local Security Checks | high
24945 | Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2007:079-1) | Nessus | Mandriva Local Security Checks | high
24920 | CentOS 3 : XFree86 (CESA-2007:0125) | Nessus | CentOS Local Security Checks | high
22985 | Solaris 10 (x86) : 119060-72 (deprecated) | Nessus | Solaris Local Security Checks | high
22952 | Solaris 10 (sparc) : 119059-73 (deprecated) | Nessus | Solaris Local Security Checks | high