PublicDate: 2007-10-05 21:17:00 UTC
Candidate: CVE-2007-4990
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4990
Description:
 The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows
 context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps
 and (2) QueryXExtents protocol requests with crafted size values that
 specify an arbitrary number of bytes to be swapped on the heap, which
 triggers heap corruption.
Ubuntu-Description:
Notes:
 jdstrand> runs as root
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 
upstream_xfs: released (1.0.5)
dapper_xfs: ignored (reached end-of-life)
edgy_xfs: needed (reached end-of-life)
feisty_xfs: needed (reached end-of-life)
gutsy_xfs: needed (reached end-of-life)
hardy_xfs: not-affected (1:1.0.5-2)
intrepid_xfs: not-affected (1:1.0.5-2)
jaunty_xfs: not-affected (1:1.0.5-2)
karmic_xfs: not-affected (1:1.0.5-2)
devel_xfs: not-affected (1:1.0.5-2)