CVE-2007-4990 in X11info

Summary

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Reservation

09/19/2007

Disclosure

10/05/2007

Moderation

VulDB entry created

Entries

VDB-3361

CPE

ready

CWE

CWE-189 (Confirmed)

Exploit

Download

CVSS

6.3

EPSS

0.04295

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-4990
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4990
CVE Details	https://www.cvedetails.com/cve/CVE-2007-4990/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!