[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-6427Date: (C)2008-01-18   (M)2023-12-22


The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1019232
SUNALERT-103200
SUNALERT-200153
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=643
http://www.securityfocus.com/archive/1/487335/100/0/threaded
BID-27336
BID-27351
SECUNIA-28273
SECUNIA-28532
SECUNIA-28535
SECUNIA-28536
SECUNIA-28539
SECUNIA-28540
SECUNIA-28542
SECUNIA-28543
SECUNIA-28550
SECUNIA-28584
SECUNIA-28592
SECUNIA-28616
SECUNIA-28693
SECUNIA-28718
SECUNIA-28838
SECUNIA-28843
SECUNIA-28885
SECUNIA-28941
SECUNIA-29139
SECUNIA-29420
SECUNIA-29622
SECUNIA-29707
SECUNIA-30161
SECUNIA-32545
ADV-2008-0179
ADV-2008-0184
ADV-2008-0497
ADV-2008-0703
ADV-2008-0924
ADV-2008-3000
APPLE-SA-2008-03-18
DSA-1466
FEDORA-2008-0760
FEDORA-2008-0831
GLSA-200801-09
GLSA-200804-05
GLSA-200805-07
MDVSA-2008:021
MDVSA-2008:022
MDVSA-2008:023
MDVSA-2008:025
RHSA-2008:0029
RHSA-2008:0030
RHSA-2008:0031
SSRT080083
SUSE-SA:2008:003
SUSE-SR:2008:003
SUSE-SR:2008:008
USN-571-1
http://www.openbsd.org/errata41.html#012_xorg
http://www.openbsd.org/errata42.html#006_xorg
http://lists.freedesktop.org/archives/xorg/2008-January/031918.html
http://bugs.gentoo.org/show_bug.cgi?id=204362
http://docs.info.apple.com/article.html?artnum=307562
http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm
http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities
https://issues.rpath.com/browse/RPL-2010
oval:org.mitre.oval:def:10372
xorg-xinput-code-execution(39759)

CPE    12
cpe:/o:apple:mac_os_x
cpe:/o:fedoraproject:fedora:7
cpe:/o:fedoraproject:fedora:8
cpe:/o:opensuse:opensuse:10.3
...
CWE    1
CWE-787
OVAL    5
oval:org.secpod.oval:def:301304
oval:org.mitre.oval:def:8106
oval:org.secpod.oval:def:1100059
oval:org.secpod.oval:def:1100052
...

© SecPod Technologies