Your submission was sent successfully! Close

CVE-2007-1667

Published: 24 March 2007

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

Priority

Unknown

Status

Package Release Status
graphicsmagick
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Needed

feisty Needed
(reached end-of-life)
gutsy
Released (1.1.8-1)
hardy
Released (1.1.8-1)
upstream Needs triage

imagemagick
Launchpad, Ubuntu, Debian
dapper
Released (6.2.4.5-0.6ubuntu0.6)
edgy
Released (6.2.4.5.dfsg1-0.10ubuntu0.3)
feisty
Released (6.2.4.5.dfsg1-0.14ubuntu0.1)
gutsy
Released (6.2.4.5.dfsg1-1ubuntu1)
hardy
Released (6.2.4.5.dfsg1-1ubuntu1)
upstream Needs triage

libx11
Launchpad, Ubuntu, Debian
dapper
Released (1.0.0-0ubuntu9.1)
edgy
Released (1.0.3-0ubuntu4.1)
feisty
Released (1.1.1-1ubuntu3)
gutsy
Released (1.1.1-1ubuntu3)
hardy
Released (1.1.1-1ubuntu3)
upstream Needs triage