
CVE-2007-1351
Date: (C)2007-04-05   (M)2018-02-19


Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score: 8.5
Exploit Score: 6.8
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE_INSTANCE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:
SECTRACK-1017857
SUNALERT-102886
2007-0013
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
http://www.securityfocus.com/archive/1/archive/1/464686/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/464816/100/0/threaded
BID-23283
BID-23300
BID-23402
SECUNIA-24741
SECUNIA-24745
SECUNIA-24756
SECUNIA-24758
SECUNIA-24765
SECUNIA-24768
SECUNIA-24770
SECUNIA-24771
SECUNIA-24772
SECUNIA-24776
SECUNIA-24791
SECUNIA-24885
SECUNIA-24889
SECUNIA-24921
SECUNIA-24996
SECUNIA-25004
SECUNIA-25006
SECUNIA-25096
SECUNIA-25195
SECUNIA-25216
SECUNIA-25305
SECUNIA-25495
SECUNIA-28333
SECUNIA-30161
SECUNIA-33937
ADV-2007-1217
ADV-2007-1264
ADV-2007-1548
APPLE-SA-2007-11-14
APPLE-SA-2009-02-12
DSA-1294
DSA-1454
GLSA-200705-02
GLSA-200705-10
GLSA-200805-07
MDKSA-2007:079
MDKSA-2007:080
MDKSA-2007:081
RHSA-2007:0125
RHSA-2007:0126
RHSA-2007:0132
RHSA-2007:0150
SSA:2007-109-01
SUSE-SA:2007:027
SUSE-SR:2007:006
TSLSA-2007-0013
USN-448-1
http://www.openbsd.org/errata39.html#021_xorg
http://www.openbsd.org/errata40.html#011_xorg
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
http://issues.foresightlinux.org/browse/FL-223
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
http://sourceforge.net/project/shownotes.php?release_id=498954
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
https://issues.rpath.com/browse/RPL-1213
xorg-bdf-font-bo(33417)

CPE    5
cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0
cpe:/o:openbsd:openbsd:4.0
cpe:/o:openbsd:openbsd:3.9
cpe:/o:redhat:enterprise_linux_desktop:3.0
...
CWE    1
CWE-189
OVAL    1
oval:org.mitre.oval:def:8204

© SecPod Technologies