CVE

CVE-2007-1351

Date: (C)2007-04-05   (M)2017-11-18 


Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

CVSS Score: 8.5
Exploit Score: 6.8
Impact Score: 10.0
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE_INSTANCE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE





Reference:
SECTRACK-1017857
SUNALERT-102886
2007-0013
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
http://www.securityfocus.com/archive/1/archive/1/464686/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/464816/100/0/threaded
BID-23283
BID-23300
BID-23402
SECUNIA-24741
SECUNIA-24745
SECUNIA-24756
SECUNIA-24758
SECUNIA-24765
SECUNIA-24768
SECUNIA-24770
SECUNIA-24771
SECUNIA-24772
SECUNIA-24776
SECUNIA-24791
SECUNIA-24885
SECUNIA-24889
SECUNIA-24921
SECUNIA-24996
SECUNIA-25004
SECUNIA-25006
SECUNIA-25096
SECUNIA-25195
SECUNIA-25216
SECUNIA-25305
SECUNIA-25495
SECUNIA-28333
SECUNIA-30161
SECUNIA-33937
ADV-2007-1217
ADV-2007-1264
ADV-2007-1548
APPLE-SA-2007-11-14
APPLE-SA-2009-02-12
DSA-1294
DSA-1454
GLSA-200705-02
GLSA-200705-10
GLSA-200805-07
MDKSA-2007:079
MDKSA-2007:080
MDKSA-2007:081
RHSA-2007:0125
RHSA-2007:0126
RHSA-2007:0132
RHSA-2007:0150
SSA:2007-109-01
SUSE-SA:2007:027
SUSE-SR:2007:006
TSLSA-2007-0013
USN-448-1
http://www.openbsd.org/errata39.html#021_xorg
http://www.openbsd.org/errata40.html#011_xorg
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
http://issues.foresightlinux.org/browse/FL-223
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
http://sourceforge.net/project/shownotes.php?release_id=498954
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
https://issues.rpath.com/browse/RPL-1213
xorg-bdf-font-bo(33417)

CPE    5
cpe:/o:redhat:enterprise_linux_desktop:3.0
cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0
cpe:/o:openbsd:openbsd:3.9
cpe:/o:openbsd:openbsd:4.0
...
CWE    1
CWE-189
OVAL    1
oval:org.mitre.oval:def:8204

© 2013 SecPod Technologies