CVE-2007-1352

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

References

http://issues.foresightlinux.org/browse/FL-223

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502

http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

http://rhn.redhat.com/errata/RHSA-2007-0125.html

http://secunia.com/advisories/24741

http://secunia.com/advisories/24745

http://secunia.com/advisories/24756

http://secunia.com/advisories/24758

http://secunia.com/advisories/24765

http://secunia.com/advisories/24770

http://secunia.com/advisories/24771

http://secunia.com/advisories/24772

http://secunia.com/advisories/24791

http://secunia.com/advisories/25004

http://secunia.com/advisories/25006

http://secunia.com/advisories/25195

http://secunia.com/advisories/25216

http://secunia.com/advisories/25305

http://secunia.com/advisories/33937

http://security.gentoo.org/glsa/glsa-200705-10.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1

http://support.apple.com/kb/HT3438

http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm

http://www.debian.org/security/2007/dsa-1294

http://www.mandriva.com/security/advisories?name=MDKSA-2007:079

http://www.mandriva.com/security/advisories?name=MDKSA-2007:080

http://www.novell.com/linux/security/advisories/2007_27_x.html

http://www.openbsd.org/errata39.html#021_xorg

http://www.openbsd.org/errata40.html#011_xorg

http://www.redhat.com/support/errata/RHSA-2007-0126.html

http://www.redhat.com/support/errata/RHSA-2007-0132.html

http://www.securityfocus.com/archive/1/464686/100/0/threaded

http://www.securityfocus.com/archive/1/464816/100/0/threaded

http://www.securityfocus.com/bid/23283

http://www.securityfocus.com/bid/23300

http://www.securitytracker.com/id?1017857

http://www.ubuntu.com/usn/usn-448-1

http://www.vupen.com/english/advisories/2007/1217

http://www.vupen.com/english/advisories/2007/1548

https://exchange.xforce.ibmcloud.com/vulnerabilities/33419

https://issues.rpath.com/browse/RPL-1213

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243

Details

Source: MITRE

Published: 2007-04-06

Updated: 2018-10-16

Risk Information

CVSS v2

Base Score: 3.8

Vector: AV:A/AC:M/Au:S/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 4.4

Severity: LOW

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

OR

cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*

cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*

cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*

cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*

cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*

Configuration 7

OR

cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*

Configuration 8

OR

cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*

cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*

Tenable Plugins

View all (16 total)

IDNameProductFamilySeverity
67468Oracle Linux 5 : libXfont (ELSA-2007-0132)NessusOracle Linux Local Security Checks
high
67465Oracle Linux 4 : xorg-x11 (ELSA-2007-0126)NessusOracle Linux Local Security Checks
high
67464Oracle Linux 3 : XFree86 (ELSA-2007-0125)NessusOracle Linux Local Security Checks
high
35684Mac OS X Multiple Vulnerabilities (Security Update 2009-001)NessusMacOS X Local Security Checks
critical
29607SuSE 10 Security Update : Xorg X11 (ZYPP Patch Number 3083)NessusSuSE Local Security Checks
high
28045Ubuntu 5.10 / 6.06 LTS / 6.10 : freetype, libxfont, xorg, xorg-server vulnerabilities (USN-448-1)NessusUbuntu Local Security Checks
high
27496openSUSE 10 Security Update : xorg-x11-server (xorg-x11-server-3082)NessusSuSE Local Security Checks
high
25324RHEL 5 : libXfont (RHSA-2007:0132)NessusRed Hat Local Security Checks
high
25259Debian DSA-1294-1 : xfree86 - several vulnerabilitiesNessusDebian Local Security Checks
high
25187GLSA-200705-10 : LibXfont, TightVNC: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
25006CentOS 4 : xorg (CESA-2007:0126)NessusCentOS Local Security Checks
high
24950RHEL 4 : xorg-x11 (RHSA-2007:0126)NessusRed Hat Local Security Checks
high
24949RHEL 2.1 / 3 : XFree86 (RHSA-2007:0125)NessusRed Hat Local Security Checks
high
24946Mandrake Linux Security Advisory : tightvnc (MDKSA-2007:080-1)NessusMandriva Local Security Checks
high
24945Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2007:079-1)NessusMandriva Local Security Checks
high
24920CentOS 3 : XFree86 (CESA-2007:0125)NessusCentOS Local Security Checks
high