CVE-2007-6428
published 2008-01-18CVE-2007-6428: The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of…
medium5CVSS 3.1
AVNACLAuNCPINAN
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xorg-server | < xorg-server 2:1.4.1~git20080105-2 (bookworm) | xorg-server 2:1.4.1~git20080105-2 (bookworm) |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xserver | <= 1.4 | — |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM