CVE-2007-1667

Severity

93%

Complexity

86%

Confidentiality

165%

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 17 years ago

2007-03-24 21:19:00

Last updated 6 years ago

2018-10-16 16:40:00

Affected Software

ImageMagick

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045

http://issues.foresightlinux.org/browse/FL-223

APPLE-SA-2009-02-12

[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont

RHSA-2007:0125

Vendor Advisory

24739

Vendor Advisory

24741

Vendor Advisory

24745

Vendor Advisory

24756

Vendor Advisory

24758

Vendor Advisory

24765

Vendor Advisory

24771

Vendor Advisory

24791

Vendor Advisory

24953

Vendor Advisory

24975

Vendor Advisory

25004

Vendor Advisory

25072

Vendor Advisory

25112

Vendor Advisory

25131

Vendor Advisory

25305

Vendor Advisory

25992

Vendor Advisory

26177

Vendor Advisory

30161

Vendor Advisory

33937

Vendor Advisory

36260

Vendor Advisory

GLSA-200705-06

102888

http://support.apple.com/kb/HT3438

http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm

DSA-1294

DSA-1858

GLSA-200805-07

MDKSA-2007:079

MDKSA-2007:147

SUSE-SA:2007:027

SUSE-SR:2007:008

[3.9] 021: SECURITY FIX: April 4, 2007

[4.0] 011: SECURITY FIX: April 4, 2007

RHSA-2007:0126

Vendor Advisory

RHSA-2007:0157

Vendor Advisory

20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs

20070405 FLEA-2007-0009-1: xorg-x11 freetype

23300

1017864

USN-453-1

USN-453-2

USN-481-1

ADV-2007-1217

ADV-2007-1531

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684

https://issues.rpath.com/browse/RPL-1211

https://issues.rpath.com/browse/RPL-1213

oval:org.mitre.oval:def:1693

oval:org.mitre.oval:def:9776

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.