Integer Overflow Vulnerabilities in X.Org libx11 and ImageMagick
CVE-2007-1667

Currently unrated

Key Information:

Vendor: X.org
Status: Libx11; Imagemagick
Vendor: CVE Published:; 24 March 2007

What is CVE-2007-1667?

The vulnerability arises from multiple integer overflows found in the XGetPixel function of X.Org libx11 and the XInitImage function in ImageMagick's xwd.c. Attackers can leverage these flaws by providing specially crafted images that include large or negative values, potentially leading to a denial of service through application crashes or exposing sensitive information. The vulnerabilities affect software prior to specified versions, highlighting the importance of timely updates to maintain system security.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm

x_refsource_CONFIRM

http://secunia.com/advisories/24745

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2007
Vulnerability Reserved
Mar 24, 2007

X.org

What is CVE-2007-1667?

References

Timeline