ID |
CVE-2007-6428
|
Summary |
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 15-10-2018 - 21:53) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
oval
via4
|
accepted | 2013-04-29T04:15:38.122-04:00 | class | vulnerability | contributors | name | Aharon Chernin | organization | SCAP.com, LLC |
name | Dragos Prisaca | organization | G2, Inc. |
| definition_extensions | comment | The operating system installed on the system is Red Hat Enterprise Linux 3 | oval | oval:org.mitre.oval:def:11782 |
comment | CentOS Linux 3.x | oval | oval:org.mitre.oval:def:16651 |
comment | The operating system installed on the system is Red Hat Enterprise Linux 4 | oval | oval:org.mitre.oval:def:11831 |
comment | CentOS Linux 4.x | oval | oval:org.mitre.oval:def:16636 |
comment | Oracle Linux 4.x | oval | oval:org.mitre.oval:def:15990 |
comment | The operating system installed on the system is Red Hat Enterprise Linux 5 | oval | oval:org.mitre.oval:def:11414 |
comment | The operating system installed on the system is CentOS Linux 5.x | oval | oval:org.mitre.oval:def:15802 |
comment | Oracle Linux 5.x | oval | oval:org.mitre.oval:def:15459 |
| description | The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. | family | unix | id | oval:org.mitre.oval:def:11754 | status | accepted | submitted | 2010-07-09T03:56:16-04:00 | title | The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. | version | 30 |
|
redhat
via4
|
advisories | | rpms | - XFree86-0:4.1.0-86.EL
- XFree86-0:4.3.0-126.EL
- XFree86-100dpi-fonts-0:4.1.0-86.EL
- XFree86-100dpi-fonts-0:4.3.0-126.EL
- XFree86-75dpi-fonts-0:4.1.0-86.EL
- XFree86-75dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-14-100dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-14-75dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-15-100dpi-fonts-0:4.1.0-86.EL
- XFree86-ISO8859-15-100dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-15-75dpi-fonts-0:4.1.0-86.EL
- XFree86-ISO8859-15-75dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-2-100dpi-fonts-0:4.1.0-86.EL
- XFree86-ISO8859-2-100dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-2-75dpi-fonts-0:4.1.0-86.EL
- XFree86-ISO8859-2-75dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-9-100dpi-fonts-0:4.1.0-86.EL
- XFree86-ISO8859-9-100dpi-fonts-0:4.3.0-126.EL
- XFree86-ISO8859-9-75dpi-fonts-0:4.1.0-86.EL
- XFree86-ISO8859-9-75dpi-fonts-0:4.3.0-126.EL
- XFree86-Mesa-libGL-0:4.3.0-126.EL
- XFree86-Mesa-libGLU-0:4.3.0-126.EL
- XFree86-Xnest-0:4.1.0-86.EL
- XFree86-Xnest-0:4.3.0-126.EL
- XFree86-Xvfb-0:4.1.0-86.EL
- XFree86-Xvfb-0:4.3.0-126.EL
- XFree86-base-fonts-0:4.3.0-126.EL
- XFree86-cyrillic-fonts-0:4.1.0-86.EL
- XFree86-cyrillic-fonts-0:4.3.0-126.EL
- XFree86-devel-0:4.1.0-86.EL
- XFree86-devel-0:4.3.0-126.EL
- XFree86-doc-0:4.1.0-86.EL
- XFree86-doc-0:4.3.0-126.EL
- XFree86-font-utils-0:4.3.0-126.EL
- XFree86-libs-0:4.1.0-86.EL
- XFree86-libs-0:4.3.0-126.EL
- XFree86-libs-data-0:4.3.0-126.EL
- XFree86-sdk-0:4.3.0-126.EL
- XFree86-syriac-fonts-0:4.3.0-126.EL
- XFree86-tools-0:4.1.0-86.EL
- XFree86-tools-0:4.3.0-126.EL
- XFree86-truetype-fonts-0:4.3.0-126.EL
- XFree86-twm-0:4.1.0-86.EL
- XFree86-twm-0:4.3.0-126.EL
- XFree86-xauth-0:4.3.0-126.EL
- XFree86-xdm-0:4.1.0-86.EL
- XFree86-xdm-0:4.3.0-126.EL
- XFree86-xf86cfg-0:4.1.0-86.EL
- XFree86-xfs-0:4.1.0-86.EL
- XFree86-xfs-0:4.3.0-126.EL
- xorg-x11-0:6.8.2-1.EL.33.0.2
- xorg-x11-Mesa-libGL-0:6.8.2-1.EL.33.0.2
- xorg-x11-Mesa-libGLU-0:6.8.2-1.EL.33.0.2
- xorg-x11-Xdmx-0:6.8.2-1.EL.33.0.2
- xorg-x11-Xnest-0:6.8.2-1.EL.33.0.2
- xorg-x11-Xvfb-0:6.8.2-1.EL.33.0.2
- xorg-x11-deprecated-libs-0:6.8.2-1.EL.33.0.2
- xorg-x11-deprecated-libs-devel-0:6.8.2-1.EL.33.0.2
- xorg-x11-devel-0:6.8.2-1.EL.33.0.2
- xorg-x11-doc-0:6.8.2-1.EL.33.0.2
- xorg-x11-font-utils-0:6.8.2-1.EL.33.0.2
- xorg-x11-libs-0:6.8.2-1.EL.33.0.2
- xorg-x11-sdk-0:6.8.2-1.EL.33.0.2
- xorg-x11-tools-0:6.8.2-1.EL.33.0.2
- xorg-x11-twm-0:6.8.2-1.EL.33.0.2
- xorg-x11-xauth-0:6.8.2-1.EL.33.0.2
- xorg-x11-xdm-0:6.8.2-1.EL.33.0.2
- xorg-x11-xfs-0:6.8.2-1.EL.33.0.2
- xorg-x11-server-Xdmx-0:1.1.1-48.26.el5_1.5
- xorg-x11-server-Xephyr-0:1.1.1-48.26.el5_1.5
- xorg-x11-server-Xnest-0:1.1.1-48.26.el5_1.5
- xorg-x11-server-Xorg-0:1.1.1-48.26.el5_1.5
- xorg-x11-server-Xvfb-0:1.1.1-48.26.el5_1.5
- xorg-x11-server-debuginfo-0:1.1.1-48.26.el5_1.5
- xorg-x11-server-sdk-0:1.1.1-48.26.el5_1.5
|
|
refmap
via4
|
apple | APPLE-SA-2008-03-18 | bid | | bugtraq | 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs | confirm | | debian | DSA-1466 | fedora | - FEDORA-2008-0760
- FEDORA-2008-0831
| gentoo | - GLSA-200801-09
- GLSA-200804-05
- GLSA-200805-07
| idefense | 20080117 Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability | mandriva | - MDVSA-2008:021
- MDVSA-2008:022
- MDVSA-2008:023
- MDVSA-2008:025
| mlist | [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server | openbsd | - [4.1] 20080208 012: SECURITY FIX: February 8, 2008
- [4.2] 20080208 006: SECURITY FIX: February 8, 2008
| sectrack | 1019232 | secunia | - 28273
- 28532
- 28535
- 28536
- 28539
- 28540
- 28542
- 28543
- 28550
- 28584
- 28592
- 28616
- 28693
- 28718
- 28838
- 28843
- 28885
- 28941
- 29139
- 29420
- 29622
- 29707
- 30161
| sunalert | | suse | - SUSE-SA:2008:003
- SUSE-SR:2008:003
- SUSE-SR:2008:008
| ubuntu | USN-571-1 | vupen | - ADV-2008-0179
- ADV-2008-0184
- ADV-2008-0497
- ADV-2008-0703
- ADV-2008-0924
| xf | xorg-togcup-information-disclosure(39761) |
|
Last major update |
15-10-2018 - 21:53 |
Published |
18-01-2008 - 23:00 |
Last modified |
15-10-2018 - 21:53 |