Vulnerability CVE-2007-1351

Vulnerability CVE-2007-1351

Published: 2007-04-05 Modified: 2012-02-12

Description:

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

Type:

CWE-189

(Numeric Errors)

CVSS2 => (AV:N/AC:M/Au:S/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
8.5/10	10/10	6.8/10

Exploit range	Attack complexity	Authentication
Remote	Medium	Single time
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Xfree86 project -> X11r6
X.org -> Libxfont
Ubuntu -> Ubuntu linux
Rpath -> Rpath linux
Redhat -> Enterprise linux
Redhat -> Enterprise linux desktop
Redhat -> Linux advanced workstation
Openbsd -> Openbsd
Mandrakesoft -> Mandrake multi network firewall

References:

http://issues.foresightlinux.org/browse/FL-223

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501

http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

http://rhn.redhat.com/errata/RHSA-2007-0125.html

http://security.gentoo.org/glsa/glsa-200705-02.xml

http://security.gentoo.org/glsa/glsa-200705-10.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733

http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954

http://sourceforge.net/project/shownotes.php?release_id=498954

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1

http://support.apple.com/kb/HT3438

http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm

http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm

http://www.debian.org/security/2007/dsa-1294

http://www.debian.org/security/2008/dsa-1454

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2007:079

http://www.mandriva.com/security/advisories?name=MDKSA-2007:080

http://www.mandriva.com/security/advisories?name=MDKSA-2007:081

http://www.novell.com/linux/security/advisories/2007_27_x.html

http://www.novell.com/linux/security/advisories/2007_6_sr.html

http://www.openbsd.org/errata39.html#021_xorg

http://www.openbsd.org/errata40.html#011_xorg

http://www.redhat.com/support/errata/RHSA-2007-0126.html

http://www.redhat.com/support/errata/RHSA-2007-0132.html

http://www.redhat.com/support/errata/RHSA-2007-0150.html

http://www.securityfocus.com/archive/1/464686/100/0/threaded

http://www.securityfocus.com/archive/1/464816/100/0/threaded

http://www.securityfocus.com/bid/23283

http://www.securityfocus.com/bid/23300

http://www.securityfocus.com/bid/23402

http://www.securitytracker.com/id?1017857

http://www.trustix.org/errata/2007/0013/

http://www.ubuntu.com/usn/usn-448-1

http://www.vupen.com/english/advisories/2007/1217

http://www.vupen.com/english/advisories/2007/1264

http://www.vupen.com/english/advisories/2007/1548

https://exchange.xforce.ibmcloud.com/vulnerabilities/33417

https://issues.rpath.com/browse/RPL-1213

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810

Vulnerability CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

CWE-189

CVSS2 => (AV:N/AC:M/Au:S/C:C/I:C/A:C)

8.5/10

10/10

6.8/10

Remote

Medium

Single time

Complete

Complete

Complete

Affected software

References: