CVE-2007-1667

Publication date 24 March 2007

Last updated 24 July 2024


Ubuntu priority

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

Status

Package Ubuntu Release Status
graphicsmagick 8.04 LTS hardy
Fixed 1.1.8-1
7.10 gutsy
Fixed 1.1.8-1
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Not in release
imagemagick 8.04 LTS hardy
Fixed 6.2.4.5.dfsg1-1ubuntu1
7.10 gutsy
Fixed 6.2.4.5.dfsg1-1ubuntu1
7.04 feisty
Fixed 6.2.4.5.dfsg1-0.14ubuntu0.1
6.10 edgy
Fixed 6.2.4.5.dfsg1-0.10ubuntu0.3
6.06 LTS dapper
Fixed 6.2.4.5-0.6ubuntu0.6
libx11 8.04 LTS hardy
Fixed 1.1.1-1ubuntu3
7.10 gutsy
Fixed 1.1.1-1ubuntu3
7.04 feisty
Fixed 1.1.1-1ubuntu3
6.10 edgy
Fixed 1.0.3-0ubuntu4.1
6.06 LTS dapper
Fixed 1.0.0-0ubuntu9.1

References

Related Ubuntu Security Notices (USN)

    • USN-453-1
    • X.org vulnerability
    • 18 April 2007
    • USN-481-1
    • ImageMagick vulnerabilities
    • 10 July 2007

Other references