NASLDB: RHSA-2007-0157: libX11
General
ID: 25326
Name: RHSA-2007-0157: libX11
Summary: Check for the version of the libX11 packages
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –
Port: 0
Family: Red Hat Local Security Checks
Type: Local
Description
Updated xorg-x11-apps and libX11 packages that fix a security issue are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.
An integer overflow flaw was found in the X.org XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667)
Users of the X.org X11 server should upgrade to these updated packages,
which contain a backported patch and are not vulnerable to this issue.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2007-1667
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2007/05/25
Plugin
Version: 1.11
Filename: redhat-RHSA-2007-0157.nasl
Filesize: 2692 bytes
MD5 Hash: 4cfb72c0a226346f8b31829043817147
Identification: Host/RedHat/rpm-list
Require Keys: Host/RedHat/rpm-list
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright© 2007-2011 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack