CVE-2007-6427

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

Published: Jan 19, 2008
Updated: Apr 13, 2023
CVE: CVE-2007-6427
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
x.org / x_server	-	1.4.1
canonical / ubuntu_linux	6.06	6.06.x
canonical / ubuntu_linux	7.04	7.04.x
canonical / ubuntu_linux	7.10	7.10.x
canonical / ubuntu_linux	6.10	6.10.x
debian / debian_linux	3.1	3.1.x
debian / debian_linux	4.0	4.0.x
apple / mac_os_x	-	10.4.11
apple / mac_os_x	10.5.0	10.5.2
fedoraproject / fedora	8	8.x
fedoraproject / fedora	7	7.x
opensuse / opensuse	10.2	10.2.x
suse / linux_enterprise_server	9	9.x
opensuse / opensuse	10.3	10.3.x
suse / linux_enterprise_software_development_kit	10-sp1	10-sp1.x
suse / linux_enterprise_server	10-sp1	10-sp1.x
suse / linux_enterprise_desktop	10-sp1	10-sp1.x
suse / linux	10.1	10.1.x
suse / linux_enterprise_desktop	10	10.x
suse / linux_enterprise_server	8	8.x
suse / linux_enterprise_desktop	9	9.x

Vulnerability Database

289,599

CVE-2007-6427