ID CVE-2007-0654
Summary Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:x_multimedia_system:x_multimedia_system:1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:x_multimedia_system:x_multimedia_system:1.2.10:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 16-10-2018 - 16:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 23078
bugtraq 20070321 Secunia Research: XMMS Integer Overflow and UnderflowVulnerabilities
debian DSA-1277
mandriva MDKSA-2007:071
misc http://secunia.com/secunia_research/2007-47/advisory/
secunia
  • 23986
  • 24645
  • 24804
  • 24889
suse SUSE-SR:2007:006
ubuntu USN-445-1
vupen ADV-2007-1057
xf xmms-skinbitmap-bo(33203)
statements via4
contributor Mark J Cox
lastmodified 2008-04-04
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228013 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Last major update 16-10-2018 - 16:33
Published 21-03-2007 - 22:19
Back to Top