CVE-2007-6532 - Buffer Errors vulnerability in Xfce 4.4.1

Publication

2008-01-09

Last modification

2011-03-08

Summary

Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."

Classification

CWE-119 - Buffer Errors

Risk level (CVSS AV:N/AC:L/Au:N/C:C/I:C/A:C)

High

10.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Xfce Xfce  4.4.1

Related CVE

Date CVE Title CVSS
2008-01-09 CVE-2007-6531 Buffer Errors vulnerability in Xfce 4.4.1 Medium