{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-22T00:00:00", "descriptions": [{"lang": "en", "value": "Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the \"cliend id, program name and working directory in session management.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-02-26T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=201292"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.xfce.org/documentation/changelogs/4.4.2"}, {"name": "ADV-2008-0080", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0080"}, {"name": "GLSA-200801-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200801-06.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6532", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the \"cliend id, program name and working directory in session management.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://bugs.gentoo.org/show_bug.cgi?id=201292", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=201292"}, {"name": "http://www.xfce.org/documentation/changelogs/4.4.2", "refsource": "CONFIRM", "url": "http://www.xfce.org/documentation/changelogs/4.4.2"}, {"name": "ADV-2008-0080", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0080"}, {"name": "GLSA-200801-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200801-06.xml"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6532", "datePublished": "2008-01-09T23:00:00", "dateReserved": "2007-12-27T00:00:00", "dateUpdated": "2008-02-26T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xfce:xfce:*:*:*:*:*:*:*:*", "matchCriteriaId": "505C43F9-E1DF-494C-B156-CFE90BE31C47", "versionEndIncluding": "4.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the \"cliend id, program name and working directory in session management.\""}, {"lang": "es", "value": "Una vulnerabilidad de doble liberaci\u00f3n en la Biblioteca Widgets (libxfcegui4) en Xfce versiones anteriores a 4.4.2, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos relacionados al \"cliend id, program name and working directory in session management.\""}], "id": "CVE-2007-6532", "lastModified": "2011-03-08T03:03:07.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-01-09T23:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=201292"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200801-06.xml"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0080"}, {"source": "cve@mitre.org", "url": "http://www.xfce.org/documentation/changelogs/4.4.2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}