Launchpad.net

CVE 2007-1352

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20070403 Multiple Vend...
MLIST: [xorg-announce] 200704...
CONFIRM: http://issues.foresigh...
CONFIRM: https://issues.rpath.c...
REDHAT: RHSA-2007:0126
REDHAT: RHSA-2007:0125
REDHAT: RHSA-2007:0132
UBUNTU: USN-448-1
BID: 23283
SECTRACK: 1017857
SECUNIA: 24741
SECUNIA: 24756
SECUNIA: 24770
SECUNIA: 24745
SECUNIA: 24758
SECUNIA: 24765
SECUNIA: 24771
SECUNIA: 24772
SECUNIA: 24791
SUSE: SUSE-SA:2007:027
SECUNIA: 25004
OPENBSD: [3.9] 021: SECURITY FI...
OPENBSD: [4.0] 011: SECURITY FI...
SUNALERT: 102886
BID: 23300
SECUNIA: 25006
GENTOO: GLSA-200705-10
SECUNIA: 25195
CONFIRM: http://support.avaya.c...
SECUNIA: 25216
DEBIAN: DSA-1294
SECUNIA: 25305
MANDRIVA: MDKSA-2007:079
MANDRIVA: MDKSA-2007:080
APPLE: APPLE-SA-2007-11-14
APPLE: APPLE-SA-2009-02-12
SECUNIA: 33937
CONFIRM: http://support.apple.c...
VUPEN: ADV-2007-1217
VUPEN: ADV-2007-1548
XF: xorg-fontsdir-bo(33419)
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070404 rPSA-2007-006...
BUGTRAQ: 20070405 FLEA-2007-000...

Launchpad.net

CVE 2007-1352

Related bugs

References