NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2007-4730

Summary	Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.
Publication Date	Sept. 12, 2007, 4:17 a.m.
Registration Date	Jan. 29, 2021, 2:19 p.m.
Last Update	Sept. 29, 2017, 10:29 a.m.

CVSS2.0 : MEDIUM
Score	4.3
Vector	AV:L/AC:L/Au:S/C:P/I:P/A:P
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	単一
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	はい
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:x.org:xorg-server:1.01:::::::*
cpe:2.3:a:x.org:xorg-server:1.1:::::::*
cpe:2.3:a:x.org:xorg-server:1.02:::::::*
cpe:2.3:a:x.org:xorg-server:1.2:::::::*
cpe:2.3:a:x.org:xorg-server:1.3:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://bugs.freedesktop.org/show_bug.cgi?id=7447	CONFIRM
2	http://bugs.gentoo.org/show_bug.cgi?id=191964	CONFIRM
3	http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html	MLIST
4	http://osvdb.org/37726	OSVDB
5	http://secunia.com/advisories/26743	SECUNIA	Patch Vendor Advisory
6	http://secunia.com/advisories/26755	SECUNIA	Patch Vendor Advisory
7	http://secunia.com/advisories/26763	SECUNIA
8	http://secunia.com/advisories/26823	SECUNIA
9	http://secunia.com/advisories/26859	SECUNIA
10	http://secunia.com/advisories/26897	SECUNIA
11	http://secunia.com/advisories/27147	SECUNIA
12	http://secunia.com/advisories/27179	SECUNIA
13	http://secunia.com/advisories/27228	SECUNIA
14	http://secunia.com/advisories/30161	SECUNIA
15	http://security.gentoo.org/glsa/glsa-200710-16.xml	GENTOO
16	http://support.avaya.com/elmodocs2/security/ASA-2007-394.htm	CONFIRM
17	http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0187	CONFIRM
18	http://www.debian.org/security/2007/dsa-1372	DEBIAN	Patch
19	http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml	GENTOO
20	http://www.mandriva.com/security/advisories?name=MDKSA-2007:178	MANDRIVA
21	http://www.mandriva.com/security/advisories?name=MDVSA-2008:022	MANDRIVA
22	http://www.novell.com/linux/security/advisories/2007_54_xorg.html	SUSE
23	http://www.redhat.com/support/errata/RHSA-2007-0898.html	REDHAT
24	http://www.securityfocus.com/bid/25606	BID
25	http://www.securitytracker.com/id?1018665	SECTRACK
26	http://www.ubuntu.com/usn/usn-514-1	UBUNTU
27	http://www.vupen.com/english/advisories/2007/3098	VUPEN
28	https://exchange.xforce.ibmcloud.com/vulnerabilities/36535	XF
29	https://issues.rpath.com/browse/RPL-1728	CONFIRM
30	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10430	OVAL

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html