cpe:/a:x.org:x_font_server:1.0.1 cpe:/a:x.org:x_font_server:1.0.2 cpe:/a:x.org:x_font_server:1.0.4 CVE-2007-4568 2007-10-05T17:17:00.000-04:00 2017-09-28T21:29:18.390-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-10-08T09:50:00.000-04:00 SECTRACK 1018763 SUNALERT 103114 SUNALERT 200642 IDEFENSE 20071002 Multiple Vendor X Font Server Multiple Vulnerabilities BUGTRAQ 20071003 rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs BID 25898 SECUNIA 27040 SECUNIA 27052 SECUNIA 27060 SECUNIA 27168 SECUNIA 27176 SECUNIA 27228 SECUNIA 27240 SECUNIA 27560 SECUNIA 28004 SECUNIA 28536 SECUNIA 28542 SECUNIA 28891 SECUNIA 29420 VUPEN ADV-2007-3337 VUPEN ADV-2007-3338 VUPEN ADV-2007-3467 VUPEN ADV-2008-0495 VUPEN ADV-2008-0924 APPLE APPLE-SA-2008-02-11 APPLE APPLE-SA-2008-03-18 DEBIAN DSA-1385 FEDORA FEDORA-2007-4263 GENTOO GLSA-200710-11 MANDRIVA MDKSA-2007:210 REDHAT RHSA-2008:0029 REDHAT RHSA-2008:0030 SUSE SUSE-SA:2007:054 CERT TA08-043B MLIST [xorg-announce] 20071002 [ANNOUNCE] X.Org security advisory: multiple vulnerabilities in X font server CONFIRM http://bugs.freedesktop.org/show_bug.cgi?id=12298 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=194606 CONFIRM http://docs.info.apple.com/article.html?artnum=307430 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 CONFIRM https://issues.rpath.com/browse/RPL-1756 XF xfs-protocol-requests-bo(36919) Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.