RSS   Vulnerabilities for 'Libxfont'   RSS

2017-10-11
 
CVE-2017-13722

CWE-125
 
 
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.

 
 
CVE-2017-13720

CWE-125
 
 
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.

 
2017-08-18
 
CVE-2007-5199

 
 
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.

 
2007-04-05
 
CVE-2007-1352

CWE-Other
 
 
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

 
 
CVE-2007-1351

CWE-189
 
 
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

 

 >>> Vendor: X.org 34 Products
Xfree86
X11r6
X11
Xterm
XDM
X.org
X11r7
Emu-linux-x87-xlibs
Xf86dga
Xinit
Xload
Xorg-server
Libx11
Libxfont
X window system
Xserver
X font server
Xinput
Tog-cup
EVI
Mit-shm
X server
X.org x11
Libxfixes
Libxi
Libxinerama
Libxrandr
Libxrender
Libxv
Libxvmc
Libxtst
X.org-server
X.xorg-server
Libxdmcp

Copyright 2024, cxsecurity.com

 

Back to Top