CVE-2007-6531 - Buffer Errors vulnerability in Xfce 4.4.1


Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.


CWE-119 - Buffer Errors

Risk level (CVSS 5.0)



Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High


  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Related CVE

Date CVE Title CVSS
2008-01-09 CVE-2007-6532 Buffer Errors vulnerability in Xfce 4.4.1 10.0