Launchpad.net

CVE 2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

Related bugs and status

CVE-2007-1351 (Candidate) is related to these bugs:

Bug #181285: [freetype] [CVE-2007-1351] integer overflow, possibility of local DoS or arbitrary code execution

Summary				In	Importance	Status
	181285	[freetype] [CVE-2007-1351] integer overflow, possibility of local DoS or arbitrary code execution		freetype (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20070403 Multiple Vend...
MLIST: [xorg-announce] 200704...
CONFIRM: http://issues.foresigh...
CONFIRM: http://sourceforge.net...
CONFIRM: https://issues.rpath.c...
REDHAT: RHSA-2007:0126
REDHAT: RHSA-2007:0125
REDHAT: RHSA-2007:0132
UBUNTU: USN-448-1
BID: 23283
SECTRACK: 1017857
SECUNIA: 24741
SECUNIA: 24756
SECUNIA: 24770
SECUNIA: 24745
SECUNIA: 24758
SECUNIA: 24765
SECUNIA: 24768
SECUNIA: 24771
SECUNIA: 24772
SECUNIA: 24776
SECUNIA: 24791
REDHAT: RHSA-2007:0150
BID: 23402
SECUNIA: 24885
SUSE: SUSE-SR:2007:006
SUSE: SUSE-SA:2007:027
TRUSTIX: 2007-0013
SECUNIA: 24889
SECUNIA: 25004
SECUNIA: 24921
SECUNIA: 24996
OPENBSD: [3.9] 021: SECURITY FI...
OPENBSD: [4.0] 011: SECURITY FI...
SUNALERT: 102886
BID: 23300
SECUNIA: 25006
GENTOO: GLSA-200705-02
GENTOO: GLSA-200705-10
SECUNIA: 25096
SECUNIA: 25195
CONFIRM: http://support.avaya.c...
SECUNIA: 25216
DEBIAN: DSA-1294
SECUNIA: 25305
CONFIRM: http://support.avaya.c...
SECUNIA: 25495
MANDRIVA: MDKSA-2007:079
MANDRIVA: MDKSA-2007:080
MANDRIVA: MDKSA-2007:081
APPLE: APPLE-SA-2007-11-14
DEBIAN: DSA-1454
SECUNIA: 28333
GENTOO: GLSA-200805-07
SECUNIA: 30161
APPLE: APPLE-SA-2009-02-12
SECUNIA: 33937
CONFIRM: http://support.apple.c...
VUPEN: ADV-2007-1217
VUPEN: ADV-2007-1264
VUPEN: ADV-2007-1548
CONFIRM: http://sourceforge.net...
SLACKWARE: SSA:2007-109-01
XF: xorg-bdf-font-bo(33417)
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070404 rPSA-2007-006...
BUGTRAQ: 20070405 FLEA-2007-000...