RSS   Vulnerabilities for 'Libxfont'   RSS

2017-10-11
 
CVE-2017-13722

CWE-125
 

 
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.

 
 
CVE-2017-13720

CWE-125
 

 
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.

 
2017-08-18
 
CVE-2007-5199

 

 
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.

 
2007-04-05
 
CVE-2007-1352

CWE-Other
 

 
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

 
 
CVE-2007-1351

CWE-189
 

 
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

 

 >>> Vendor: X.org 32 Products
X11
Xterm
X11r6
X.org
X11r7
Emu-linux-x87-xlibs
XDM
Xf86dga
Xinit
Xload
Xorg-server
Libx11
Libxfont
X window system
Xserver
X font server
Xinput
Tog-cup
EVI
Mit-shm
Libxinerama
Libxrender
Libxv
X.org-server
X.xorg-server
Xfree86
X.org x11
Libxfixes
Libxi
Libxrandr
Libxtst
Libxvmc


Copyright 2019, cxsecurity.com

 

Back to Top