7.5

CVE-2007-4990

EPSS 3.79%
Published 05.10.2007 21:17:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

Affected products Warnungen 0 Metrics 2 CWE 0 References 41

Data is provided by the National Vulnerability Database (NVD)

X.Org ≫ X Font Server Version <= 1.0.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.79%	0.876

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://docs.info.apple.com/article.html?artnum=307562

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://www.vupen.com/english/advisories/2008/0924/references

http://secunia.com/advisories/29420

http://secunia.com/advisories/27240

http://security.gentoo.org/glsa/glsa-200710-11.xml

http://secunia.com/advisories/27228

http://www.novell.com/linux/security/advisories/2007_54_xorg.html

http://bugs.gentoo.org/show_bug.cgi?id=194606

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602

http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html

http://secunia.com/advisories/27040

http://secunia.com/advisories/27052

http://secunia.com/advisories/27060

http://secunia.com/advisories/27176

http://secunia.com/advisories/27560

http://secunia.com/advisories/28004

http://secunia.com/advisories/28536

http://secunia.com/advisories/28542

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1

http://www.mandriva.com/security/advisories?name=MDKSA-2007:210

http://www.redhat.com/support/errata/RHSA-2008-0029.html

http://www.redhat.com/support/errata/RHSA-2008-0030.html

http://www.securityfocus.com/archive/1/481432/100/0/threaded

http://www.securityfocus.com/bid/25898

http://www.securitytracker.com/id?1018763

http://www.vupen.com/english/advisories/2007/3337

http://www.vupen.com/english/advisories/2007/3338

http://www.vupen.com/english/advisories/2007/3467

https://issues.rpath.com/browse/RPL-1756

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html

http://bugs.freedesktop.org/show_bug.cgi?id=12299

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725

http://secunia.com/advisories/28514

http://www.vupen.com/english/advisories/2008/0149

https://exchange.xforce.ibmcloud.com/vulnerabilities/36920

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599

https://nvd.nist.gov/vuln/detail/CVE-2007-4990

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4990

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4990

EUVD