CVE-2007-1667
CVE-2007-1667 is a vulnerability of currently unknown severity. Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. EPSS estimates a 4.61% chance of exploitation in the next 30 days.
Description
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| X.Org | Libx11 | <= 1.0.2 |
| Debian | Debian Linux | 3.1 |
| Debian | Debian Linux | 4.0 |
| Canonical | Ubuntu Linux | 6.06 |
| Canonical | Ubuntu Linux | 6.10 |
| Canonical | Ubuntu Linux | 7.04 |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045 (Third Party Advisory)
- http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html (Mailing List, Third Party Advisory)
- http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html (Mailing List, Third Party Advisory)
- http://rhn.redhat.com/errata/RHSA-2007-0125.html (Third Party Advisory)
- http://secunia.com/advisories/24739 (Broken Link)
- http://secunia.com/advisories/24741 (Broken Link)
- http://secunia.com/advisories/24745 (Broken Link)
- http://secunia.com/advisories/24756 (Broken Link)
- http://secunia.com/advisories/24758 (Broken Link)
- http://secunia.com/advisories/24765 (Broken Link)
- http://secunia.com/advisories/24771 (Broken Link)
- http://secunia.com/advisories/24791 (Broken Link)
- http://secunia.com/advisories/24953 (Broken Link)
- http://secunia.com/advisories/24975 (Broken Link)
- http://secunia.com/advisories/25004 (Broken Link)
- http://secunia.com/advisories/25072 (Broken Link)
- http://secunia.com/advisories/25112 (Broken Link)
- http://secunia.com/advisories/25131 (Broken Link)
- http://secunia.com/advisories/25305 (Broken Link)
- http://secunia.com/advisories/25992 (Broken Link)
- http://secunia.com/advisories/26177 (Broken Link)
- http://secunia.com/advisories/30161 (Broken Link)
- http://secunia.com/advisories/33937 (Broken Link)
- http://secunia.com/advisories/36260 (Third Party Advisory)
- http://support.apple.com/kb/HT3438 (Third Party Advisory)
- http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm (Third Party Advisory)
- http://www.debian.org/security/2007/dsa-1294 (Third Party Advisory)
- http://www.debian.org/security/2009/dsa-1858 (Third Party Advisory)
- http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml (Third Party Advisory)
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:079 (Third Party Advisory)
- http://www.novell.com/linux/security/advisories/2007_8_sr.html (Third Party Advisory)
- http://www.openbsd.org/errata39.html#021_xorg (Third Party Advisory)
- http://www.openbsd.org/errata40.html#011_xorg (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2007-0126.html (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2007-0157.html (Third Party Advisory)
- http://www.securityfocus.com/archive/1/464686/100/0/threaded (Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/archive/1/464816/100/0/threaded (Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/23300 (Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id?1017864 (Third Party Advisory, VDB Entry)
- http://www.ubuntu.com/usn/usn-453-1 (Third Party Advisory)
- http://www.ubuntu.com/usn/usn-453-2 (Third Party Advisory)
- http://www.ubuntu.com/usn/usn-481-1 (Broken Link)
- http://www.vupen.com/english/advisories/2007/1531 (Third Party Advisory)
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684 (Issue Tracking, Third Party Advisory)
- https://issues.rpath.com/browse/RPL-1211 (Broken Link)
- https://issues.rpath.com/browse/RPL-1213 (Broken Link)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
