CVE-2007-1351

HIGH

Description

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

References

http://issues.foresightlinux.org/browse/FL-223

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501

http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

http://rhn.redhat.com/errata/RHSA-2007-0125.html

http://secunia.com/advisories/24741

http://secunia.com/advisories/24745

http://secunia.com/advisories/24756

http://secunia.com/advisories/24758

http://secunia.com/advisories/24765

http://secunia.com/advisories/24768

http://secunia.com/advisories/24770

http://secunia.com/advisories/24771

http://secunia.com/advisories/24772

http://secunia.com/advisories/24776

http://secunia.com/advisories/24791

http://secunia.com/advisories/24885

http://secunia.com/advisories/24889

http://secunia.com/advisories/24921

http://secunia.com/advisories/24996

http://secunia.com/advisories/25004

http://secunia.com/advisories/25006

http://secunia.com/advisories/25096

http://secunia.com/advisories/25195

http://secunia.com/advisories/25216

http://secunia.com/advisories/25305

http://secunia.com/advisories/25495

http://secunia.com/advisories/28333

http://secunia.com/advisories/30161

http://secunia.com/advisories/33937

http://security.gentoo.org/glsa/glsa-200705-02.xml

http://security.gentoo.org/glsa/glsa-200705-10.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733

http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954

http://sourceforge.net/project/shownotes.php?release_id=498954

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1

http://support.apple.com/kb/HT3438

http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm

http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm

http://www.debian.org/security/2007/dsa-1294

http://www.debian.org/security/2008/dsa-1454

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2007:079

http://www.mandriva.com/security/advisories?name=MDKSA-2007:080

http://www.mandriva.com/security/advisories?name=MDKSA-2007:081

http://www.novell.com/linux/security/advisories/2007_27_x.html

http://www.novell.com/linux/security/advisories/2007_6_sr.html

http://www.openbsd.org/errata39.html#021_xorg

http://www.openbsd.org/errata40.html#011_xorg

http://www.redhat.com/support/errata/RHSA-2007-0126.html

http://www.redhat.com/support/errata/RHSA-2007-0132.html

http://www.redhat.com/support/errata/RHSA-2007-0150.html

http://www.securityfocus.com/archive/1/464686/100/0/threaded

http://www.securityfocus.com/archive/1/464816/100/0/threaded

http://www.securityfocus.com/bid/23283

http://www.securityfocus.com/bid/23300

http://www.securityfocus.com/bid/23402

http://www.securitytracker.com/id?1017857

http://www.trustix.org/errata/2007/0013/

http://www.ubuntu.com/usn/usn-448-1

http://www.vupen.com/english/advisories/2007/1217

http://www.vupen.com/english/advisories/2007/1264

http://www.vupen.com/english/advisories/2007/1548

https://exchange.xforce.ibmcloud.com/vulnerabilities/33417

https://issues.rpath.com/browse/RPL-1213

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810

Details

Source: MITRE

Published: 2007-04-06

Updated: 2018-10-16

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 6.8

Severity: HIGH