CVE-2007-1667: Improper Restriction of Operations within the Bounds of a Memory Buffer in Libx11

CWE-189 | 12 documents | 8 sources

Severity: 9.3 CRITICAL (NVD)
EPSS: 2.1% (top 16.05%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 24 | Latest update May 1

Description

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (4 packages)

Debian | x.org/libx11 | < 2:1.0.3-7+3
Debian | imagemagick/imagemagick | < 7:6.2.4.5.dfsg1-1+3
NVD | x.org/libx11 | 1.0.2
Debian | graphicsmagick/graphicsmagick | < 1.1.7-14+3

Also affects: Debian Linux 3.1, 4.0, Ubuntu Linux 6.06, 6.10, 7.04

🔴 Vulnerability Details (3)

GHSA | GHSA-qw6x-jqf9-5vf7: Multiple integer overflows in (1) the XGetPixel function in ImUtil | 2022-05-01
CVEList | CVE-2007-1667: Multiple integer overflows in (1) the XGetPixel function in ImUtil | 2007-03-24
OSV | CVE-2007-1667: Multiple integer overflows in (1) the XGetPixel function in ImUtil | 2007-03-24

📋 Vendor Advisories (5)

Ubuntu | ImageMagick vulnerabilities | 2007-07-10
Ubuntu | X.org vulnerability | 2007-04-18
Red Hat | Heap overflow in ImageMagick's DCM and XWD coders | 2007-03-31
Red Hat | XGetPixel() integer overflow | 2007-03-09
Debian | CVE-2007-1667: graphicsmagick - Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org li... | 2007

💬 Community (3)

Bugzilla | CVE-2007-1667 XGetPixel() integer overflow | 2007-03-10
Bugzilla | CVE-2007-1667 XGetPixel() integer overflow | 2007-03-10
Bugzilla | CVE-2007-1667 XGetPixel() integer overflow | 2007-03-09
CVE-2007-1667 — X.org Libx11 vulnerability | cvebase