CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-6532

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1930%
EPSS Percentile33.96th
Published2008年1月9日
Last Modified2026年4月23日

Vulnerability Description

Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."

Affected Platforms (CPE)

📦
Xfce

Xfce

<= 4.4.1

References & Advisories

🔗 http://bugs.gentoo.org/show_bug.cgi?id=201292
🔗 http://security.gentoo.org/glsa/glsa-200801-06.xml
🔗 http://www.vupen.com/english/advisories/2008/0080
🔗 http://www.xfce.org/documentation/changelogs/4.4.2
🔗 http://bugs.gentoo.org/show_bug.cgi?id=201292
🔗 http://security.gentoo.org/glsa/glsa-200801-06.xml
🔗 http://www.vupen.com/english/advisories/2008/0080
🔗 http://www.xfce.org/documentation/changelogs/4.4.2

関連する脆弱性情報

CVE-2007-37707.8

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execut...

CVE-2009-46427.2

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop suc...

CVE-2009-49967.2

Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which might make it easier ...

CVE-2007-65315.0

Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbi...