CVE-2007-4730

high

Description

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10430

https://issues.rpath.com/browse/RPL-1728

https://exchange.xforce.ibmcloud.com/vulnerabilities/36535

http://www.vupen.com/english/advisories/2007/3098

http://www.ubuntu.com/usn/usn-514-1

http://www.securitytracker.com/id?1018665

http://www.securityfocus.com/bid/25606

http://www.redhat.com/support/errata/RHSA-2007-0898.html

http://www.novell.com/linux/security/advisories/2007_54_xorg.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:022

http://www.mandriva.com/security/advisories?name=MDKSA-2007:178

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

http://www.debian.org/security/2007/dsa-1372

http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0187

http://support.avaya.com/elmodocs2/security/ASA-2007-394.htm

http://security.gentoo.org/glsa/glsa-200710-16.xml

http://secunia.com/advisories/30161

http://secunia.com/advisories/27228

http://secunia.com/advisories/27179

http://secunia.com/advisories/27147

http://secunia.com/advisories/26897

http://secunia.com/advisories/26859

http://secunia.com/advisories/26823

http://secunia.com/advisories/26763

http://secunia.com/advisories/26755

http://secunia.com/advisories/26743

http://osvdb.org/37726

http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html

http://bugs.gentoo.org/show_bug.cgi?id=191964

http://bugs.freedesktop.org/show_bug.cgi?id=7447

Details

Source: Mitre, NVD

Published: 2007-09-11

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High