CVE-2007-1003

EPSS 8.0%

xfree86

Published: 4/6/2007Modified: 4/28/2026

Also known as:DEBIAN-CVE-2007-1003

Description

Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption.

Affected packages (2)

Debian/xfree86from 0, < 4.3.0.dfsg.1-14sarge4
Debian/xorg-serverfrom 0, < 2:1.1.1-21

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-1003