CVE-2007-4730: Improper Restriction of Operations within the Bounds of a Memory Buffer in Xorg-server

Severity
4.3 MEDIUM (NVD)
EPSS
0.1%
top 73.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Sep 11
Latest update: May 1

Description

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.

CVSS vector

AV:L/AC:L/C:P/I:P/A:P
Exploitability: 3.1 | Impact: 6.4

Affected Packages (2 packages)

Debian  x.org/xorg-server  < 2:1.4-1  +3
NVD  x.org/xorg-server  5 versions  +4

Patches

Vulnerability Details (3)

GHSA
GHSA-737c-wj7m-pqqr: Buffer overflow in the compNewPixmap function in compalloc (2022-05-01)
CVEList
CVE-2007-4730: Buffer overflow in the compNewPixmap function in compalloc (2007-09-11)
OSV
CVE-2007-4730: Buffer overflow in the compNewPixmap function in compalloc (2007-09-11)

Vendor Advisories (3)

Ubuntu
X.org vulnerability (2007-09-18)
Red Hat
X.org composite extension buffer overflow (2007-09-09)
Debian
CVE-2007-4730: xorg-server - Buffer overflow in the compNewPixmap function in compalloc.c in the Composite ex... (2007)

Community (4)

Bugzilla
CVE-2007-4730 X.org composite extension buffer overflow (2007-09-11)
Bugzilla
CVE-2007-4730 X.org composite extension buffer overflow [F7] (2007-09-11)
Bugzilla
CVE-2007-4730 X.org composite extension buffer overflow [Fdevel] (2007-09-11)
Bugzilla
CVE-2007-4730 X.org composite extension buffer overflow [FC6] (2007-09-11)