CVE-2007-1003
published 2007-04-06CVE-2007-1003: Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other…
critical9CVSS 3.1
AVNACLAuSCCICAC
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xorg-server | < xorg-server 2:1.1.1-21 (bookworm) | xorg-server 2:1.1.1-21 (bookworm) |
| x.org | x11 | — | — |
| x.org | xorg-server | >= 0 < 2:1.1.1-21 | 2:1.1.1-21 |
| x.org | xorg-server | >= 0 < 2:1.1.1-21 | 2:1.1.1-21 |
| x.org | xorg-server | >= 0 < 2:1.1.1-21 | 2:1.1.1-21 |
| x.org | xorg-server | >= 0 < 2:1.1.1-21 | 2:1.1.1-21 |
CVSS provenance
nvd9.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
osv9.0CRITICAL