Array Index Error in X.Org Xserver's XFree86-Misc Extension
CVE-2007-5760

Currently unrated

Key Information:

Vendor: X.org
Status: Xserver; Xfree86-misc
Vendor: CVE Published:; 18 January 2008

What is CVE-2007-5760?

The X.Org Xserver, specifically the XFree86-Misc extension, is susceptible to an array index error. This vulnerability allows attackers to craft a PassMessage request with an overly large array index, potentially leading to arbitrary code execution within context-dependent scenarios. Attackers could exploit this flaw to execute malicious code, posing a significant risk to the affected systems and user environments leveraging the vulnerable versions.

References

http://www.securityfocus.com/bid/27336

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/0184

vdb-entryx_refsource_VUPEN

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2008
Vulnerability Reserved
Oct 31, 2007

X.org

What is CVE-2007-5760?

References

Timeline