Numeric Errors Affecting libx11 package, versions <2:1.0.3-7
Snyk CVSS
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN8-LIBX11-339177
- published 24 Mar 2007
- disclosed 24 Mar 2007
Introduced: 24 Mar 2007
CVE-2007-1667 Open this link in a new tabHow to fix?
Upgrade Debian:8
libx11
to version 2:1.0.3-7 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream libx11
package and not the libx11
package as distributed by Debian
.
See How to fix?
for Debian:8
relevant fixed versions and status.
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.
References
- ADVISORY
- Apple Security Advisory
- Apple Security Announcement
- BUGTRAQ
- BUGTRAQ
- CONFIRM
- CONFIRM
- CONFIRM
- CONFIRM
- Debian Bug Report
- Debian Security Advisory
- Debian Security Advisory
- Gentoo Security Advisory
- Gentoo Security Advisory
- MLIST
- OPENBSD
- OPENBSD
- Oval Security
- Oval Security
- RedHat Bugzilla Bug
- RedHat Security Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Security Focus
- Security Tracker
- SUSE
- SUSE
- Ubuntu Security Advisory
- Ubuntu Security Advisory
- Ubuntu Security Advisory
- VUPEN
- VUPEN
- secalert@redhat.com
- secalert@redhat.com
- secalert@redhat.com
- secalert@redhat.com
- secalert@redhat.com