Launchpad.net

CVE 2016-7943

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.

See the CVE page on Mitre.org for more details.