CVE-2007-6427 · threatengine.sh

Home/CVE/The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requ

CVE

CVE-2007-6427

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requ

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

HIGH · CVSS 9.3 EPSS 0.0424

Schedule remediation

CVSS base score ≥ 7.0

Sigma rules8 YARA rules0

⬡

Weakness Classification

CWE-787Out-of-bounds Write

▤

Affected Products & Versions

12

x.org x server< 1.4.1
canonical ubuntu linuxall versions
debian linuxall versions
apple mac os x< 10.4.11
apple mac os x>= 10.5.0 and < 10.5.2
fedoraproject fedoraall versions
opensuseall versions
suse linuxall versions
Show all 12 affected productssuse linux enterprise desktopall versions
suse linux enterprise serverall versions
suse linux enterprise software development kitall versions
suse open enterprise serverall versions

◈

Sigma Hunt Rules

8

Exact rules name this CVE ID. Product rules name an affected product in their title. Related rules cover techniques used by actors who exploited this CVE. Showing the most relevant matches; the complete related set is on the full drill-down.

productcriticalLinux Reverse Shell Indicator

producthighCommunication To LocaltoNet Tunneling Service Initiated - Linux

producthighPotentially Suspicious Malware Callback Communication - Linux

producthighLinux Crypto Mining Pool Connections

producthighCommunication To Ngrok Tunneling Service - Linux

producthighLinux Crypto Mining Indicators

Show all 8 top matches

producthighShell Execution GCC - Linux

producthighShell Execution via Rsync - Linux

See all related Sigma rules for this CVE

▣

Scoring & Timeline

9.3

HIGH · CVSS v2 (legacy) · cve@mitre.org

View on NVD

This CVE predates CVSS v3; the legacy v2 score is shown so triage still has a severity to work with.

v2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Published to NVD18 Jan 2008 · 11:00 PM

⚑

Vendor Advisories

5

suse-csafopenSUSE-SU-2024:11525-1
usnUSN-571-1
rhsaRHSA-2008:0031Important
rhsaRHSA-2008:0030Important
rhsaRHSA-2008:0029Important

🔗

References & Sources

67

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://bugs.gentoo.org/show_bug.cgi?id=204362Issue TrackingPatchThird Party Advisory

http://docs.info.apple.com/article.html?artnum=307562Broken Link

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321Broken Link

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=643Broken Link

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlMailing List

http://lists.freedesktop.org/archives/xorg/2008-January/031918.htmlThird Party Advisory

Show all 67 references

http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.htmlMailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.htmlMailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.htmlMailing ListThird Party Advisory

http://secunia.com/advisories/28273Third Party Advisory

http://secunia.com/advisories/28532Third Party Advisory

http://secunia.com/advisories/28535Third Party Advisory

http://secunia.com/advisories/28536Third Party Advisory

http://secunia.com/advisories/28539Third Party Advisory

http://secunia.com/advisories/28540Third Party Advisory

http://secunia.com/advisories/28542Third Party Advisory

http://secunia.com/advisories/28543Third Party Advisory

http://secunia.com/advisories/28550Third Party Advisory

http://secunia.com/advisories/28584Third Party Advisory

http://secunia.com/advisories/28592Third Party Advisory

http://secunia.com/advisories/28616Third Party Advisory

http://secunia.com/advisories/28693Third Party Advisory

http://secunia.com/advisories/28718Third Party Advisory

http://secunia.com/advisories/28838Third Party Advisory

http://secunia.com/advisories/28843Third Party Advisory

http://secunia.com/advisories/28885Third Party Advisory

http://secunia.com/advisories/28941Third Party Advisory

http://secunia.com/advisories/29139Third Party Advisory

http://secunia.com/advisories/29420Third Party Advisory

http://secunia.com/advisories/29622Third Party Advisory

http://secunia.com/advisories/29707Third Party Advisory

http://secunia.com/advisories/30161Third Party Advisory

http://secunia.com/advisories/32545Third Party Advisory

http://security.gentoo.org/glsa/glsa-200801-09.xmlThird Party Advisory

http://security.gentoo.org/glsa/glsa-200804-05.xmlThird Party Advisory

http://securitytracker.com/id?1019232Third Party AdvisoryVDB Entry

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1Broken Link

http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1Broken Link

http://support.avaya.com/elmodocs2/security/ASA-2008-039.htmThird Party Advisory

http://support.avaya.com/elmodocs2/security/ASA-2008-078.htmThird Party Advisory

http://www.debian.org/security/2008/dsa-1466Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xmlThird Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:021Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:022Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:023Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:025Third Party Advisory

http://www.openbsd.org/errata41.html#012_xorgThird Party Advisory

http://www.openbsd.org/errata42.html#006_xorgThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0029.htmlThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0030.htmlThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0031.htmlThird Party Advisory

http://www.securityfocus.com/archive/1/487335/100/0/threadedThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/27336PatchThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/27351Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2008/0179Third Party Advisory

http://www.vupen.com/english/advisories/2008/0184Third Party Advisory

http://www.vupen.com/english/advisories/2008/0497/referencesThird Party Advisory

http://www.vupen.com/english/advisories/2008/0703Third Party Advisory

http://www.vupen.com/english/advisories/2008/0924/referencesThird Party Advisory

http://www.vupen.com/english/advisories/2008/3000Third Party Advisory

http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIXMitigationThird Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/39759Third Party AdvisoryVDB Entry

https://issues.rpath.com/browse/RPL-2010Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10372Third Party Advisory

https://usn.ubuntu.com/571-1/Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.htmlThird Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.htmlThird Party Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin