HIGH🇵🇱 Wersja polska

CVE-2007-6532

CVSS 10.0v2.0pub. 2008-01-09upd. 2026-04-23

Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Xfce

    APP
    Xfce
    ≤ 4.4.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2009-4996HIGH7.2ten sam produkt

Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which m...

CVE-2018-18398MEDIUM4.7ten sam produkt

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within F...

CVE-2007-6531MEDIUM5.0ten sam produkt

Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attac...

CVE-2022-45062CRITICAL9.8ten sam vendor

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in...

CVE-2021-32563CRITICAL9.8ten sam vendor

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a...