RSS   Vulnerabilities for 'X font server'   RSS

2007-10-05
 
CVE-2007-4990

CWE-189
 

 
The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

 
 
CVE-2007-4568

CWE-189
 

 
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.

 

 >>> Vendor: X.org 33 Products
X11
Xterm
X11r6
X.org
X11r7
Emu-linux-x87-xlibs
XDM
Xf86dga
Xinit
Xload
Xorg-server
Libx11
Libxfont
X window system
Xserver
X font server
Xinput
Tog-cup
EVI
Mit-shm
Libxinerama
Libxrender
Libxv
X.org-server
X.xorg-server
Xfree86
X.org x11
Libxfixes
Libxi
Libxrandr
Libxtst
Libxvmc
Libxdmcp


Copyright 2019, cxsecurity.com

 

Back to Top