ID |
CVE-2007-2437
|
Summary |
The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:x.org:x_window_system:7.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x_window_system:7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:x.org:x_window_system:7.1:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x_window_system:7.1:*:*:*:*:*:*:*
-
cpe:2.3:a:x.org:x_window_system:7.2:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x_window_system:7.2:*:*:*:*:*:*:*
-
cpe:2.3:a:x.org:xserver:*:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xserver:*:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.5 (as of 29-07-2017 - 01:31) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
ADJACENT_NETWORK |
LOW |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:A/AC:L/Au:S/C:N/I:N/A:C
|
refmap
via4
|
|
statements
via4
|
contributor | Joshua Bressers | lastmodified | 2007-05-25 | organization | Red Hat | statement | Red Hat does not consider a user assisted client crash such as this to be a security flaw. |
|
Last major update |
29-07-2017 - 01:31 |
Published |
02-05-2007 - 10:19 |
Last modified |
29-07-2017 - 01:31 |