PublicDate: 2008-01-09 23:46:00 UTC
Candidate: CVE-2007-6531
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6531
Description:
 Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce
 before 4.4.2 might allow remote attackers to execute arbitrary code via
 Launcher tooltips.  NOTE: a second buffer overflow (over-read) in the
 xfce_mkdirhier function was also reported, but it might not be exploitable
 for a crash or code execution, so it is not a vulnerability.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/xfce4-panel/+bug/190020
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_xfce4-panel:
 debdiff: https://bugs.launchpad.net/ubuntu/+source/xfce4-panel/+bug/190020
upstream_xfce4-panel: released (4.4.2)
dapper_xfce4-panel: released (4.3.90.1svn+r21633-0ubuntu2.1)
edgy_xfce4-panel: needed (reached end-of-life)
feisty_xfce4-panel: released (4.4.0-0ubuntu1.1)
gutsy_xfce4-panel: released (4.4.1-1ubuntu3.1)
hardy_xfce4-panel: released (4.4.2)
devel_xfce4-panel: released (4.4.2)