DEBIAN-CVE-2007-4752

DEBIAN-CVE-2007-4752 PUBLISHED

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.

Affected Products

Vendor	Product	Versions
Debian:12	openssh	0, 0, 0
Debian:13	openssh	0, 0, 0
Debian:11	openssh	0, 0, 0
Debian:14	openssh	0, 0, 0

Timeline

Sep 12, 2007 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2007-4752 advisory

Open in Interactive Console →