CVE-2007-4730
xorg-server - Buffer Overflow in Composite Extension via Pixmap Depth Mismatch
Title source: llmDescription
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.
References (30)
Core 30
Core References
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_54_xorg.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:178
Various Sources mailing-list
x_refsource_mlist
http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37726
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26823
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-1728
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200710-16.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26859
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27147
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0898.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:022
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25606
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-514-1
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26743
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27228
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30161
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36535
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018665
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0187
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26897
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26755
Various Sources x_refsource_confirm
http://bugs.freedesktop.org/show_bug.cgi?id=7447
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26763
Vendor Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-394.htm
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10430
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27179
Issue Tracking x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=191964
Patch vendor-advisory
x_refsource_debian
http://www.debian.org/security/2007/dsa-1372
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3098
Scores
EPSS
0.0051
EPSS Percentile
40.2%
Details
CWE
CWE-119
Status
published
Products (5)
x.org/xorg-server
1.01
x.org/xorg-server
1.1
x.org/xorg-server
1.02
x.org/xorg-server
1.2
x.org/xorg-server
1.3
Published
Sep 11, 2007
Tracked Since
Feb 18, 2026