Vulnerability Description
Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | All versions |
| X Multimedia System | X Multimedia System | 1.2.10 |
References
- http://secunia.com/advisories/23986
- http://secunia.com/advisories/24645
- http://secunia.com/advisories/24804
- http://secunia.com/advisories/24889
- http://secunia.com/secunia_research/2007-47/advisory/ (Vendor Advisory)
- http://www.debian.org/security/2007/dsa-1277
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:071
- http://www.novell.com/linux/security/advisories/2007_6_sr.html
- http://www.securityfocus.com/archive/1/463408/100/0/threaded
- http://www.securityfocus.com/bid/23078
- http://www.ubuntu.com/usn/usn-445-1
- http://www.vupen.com/english/advisories/2007/1057
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33205
FAQ
What is CVE-2007-0653?
CVE-2007-0653 is a vulnerability with a CVSS score of 9.3 (HIGH). Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap imag...
How severe is CVE-2007-0653?
CVE-2007-0653 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-0653?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, X Multimedia System X Multimedia System.