5.5

CVE-2007-2437

EPSS 3.3%
Veröffentlicht 02.05.2007 10:19:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

X.Org ≫ X Window System Version7.0

X.Org ≫ X Window System Version7.1

X.Org ≫ X Window System Version7.2

X.Org ≫ Xserver Version <= 1.3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.3%	0.867

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	5.1	6.9	AV:A/AC:L/Au:S/C:N/I:N/A:C

http://osvdb.org/34905

http://secunia.com/advisories/25121

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102901-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200067-1

http://www.rapid7.com/advisories/R7-0027.jsp

Patch

http://www.securityfocus.com/bid/23741

http://www.securitytracker.com/id?1017984

Patch

http://www.vupen.com/english/advisories/2007/1601

http://www.vupen.com/english/advisories/2007/1658

https://exchange.xforce.ibmcloud.com/vulnerabilities/33976

https://nvd.nist.gov/vuln/detail/CVE-2007-2437

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2437

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2437

EUVD