CVE-2008-0006

high
Description

Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.

References

http://bugs.gentoo.org/show_bug.cgi?id=204362

http://docs.info.apple.com/article.html?artnum=307562

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321

http://jvn.jp/en/jp/JVN88935101/index.html

http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001043.html

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://lists.freedesktop.org/archives/xorg/2008-January/031918.html

http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html

http://secunia.com/advisories/28273

http://secunia.com/advisories/28500

http://secunia.com/advisories/28532

http://secunia.com/advisories/28535

http://secunia.com/advisories/28536

http://secunia.com/advisories/28540

http://secunia.com/advisories/28542

http://secunia.com/advisories/28544

http://secunia.com/advisories/28550

http://secunia.com/advisories/28571

http://secunia.com/advisories/28592

http://secunia.com/advisories/28621

http://secunia.com/advisories/28718

http://secunia.com/advisories/28843

http://secunia.com/advisories/28885

http://secunia.com/advisories/28941

http://secunia.com/advisories/29139

http://secunia.com/advisories/29420

http://secunia.com/advisories/29622

http://secunia.com/advisories/29707

http://secunia.com/advisories/30161

http://secunia.com/advisories/32545

http://security.gentoo.org/glsa/glsa-200801-09.xml

http://security.gentoo.org/glsa/glsa-200804-05.xml

http://securitytracker.com/id?1019232

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103192-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-201230-1

http://support.avaya.com/elmodocs2/security/ASA-2008-038.htm

http://support.avaya.com/elmodocs2/security/ASA-2008-077.htm

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

http://www.kb.cert.org/vuls/id/203220

http://www.mandriva.com/security/advisories?name=MDVSA-2008:021

http://www.mandriva.com/security/advisories?name=MDVSA-2008:022

http://www.mandriva.com/security/advisories?name=MDVSA-2008:024

http://www.openbsd.org/errata41.html#012_xorg

http://www.openbsd.org/errata42.html#006_xorg

http://www.redhat.com/support/errata/RHSA-2008-0029.html

http://www.redhat.com/support/errata/RHSA-2008-0030.html

http://www.redhat.com/support/errata/RHSA-2008-0064.html

http://www.securityfocus.com/archive/1/487335/100/0/threaded

http://www.securityfocus.com/bid/27336

http://www.securityfocus.com/bid/27352

http://www.vupen.com/english/advisories/2008/0179

http://www.vupen.com/english/advisories/2008/0184

http://www.vupen.com/english/advisories/2008/0497/references

http://www.vupen.com/english/advisories/2008/0703

http://www.vupen.com/english/advisories/2008/0924/references

http://www.vupen.com/english/advisories/2008/3000

http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities

https://bugzilla.redhat.com/show_bug.cgi?id=428044

https://exchange.xforce.ibmcloud.com/vulnerabilities/39767

https://issues.rpath.com/browse/RPL-2010

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10021

https://usn.ubuntu.com/571-1/

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00674.html

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html

https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00771.html

Details

Source: MITRE

Published: 2008-01-18

Updated: 2018-10-15

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

| ID | Name | Product | Family | Severity |
| --- | --- | --- | --- | --- |
| 130509 | Solaris 10 (sparc) : 125719-60 | Nessus | Solaris Local Security Checks | high |
| 107439 | Solaris 10 (sparc) : 125719-57 | Nessus | Solaris Local Security Checks | high |
| 107438 | Solaris 10 (sparc) : 125719-56 | Nessus | Solaris Local Security Checks | high |
| 107437 | Solaris 10 (sparc) : 125719-55 | Nessus | Solaris Local Security Checks | high |
| 107436 | Solaris 10 (sparc) : 125719-54 | Nessus | Solaris Local Security Checks | high |
| 107435 | Solaris 10 (sparc) : 125719-42 | Nessus | Solaris Local Security Checks | high |
| 67644 | Oracle Linux 5 : libXfont (ELSA-2008-0064) | Nessus | Oracle Linux Local Security Checks | high |
| 67635 | Oracle Linux 4 : xorg-x11 (ELSA-2008-0030) | Nessus | Oracle Linux Local Security Checks | high |
| 67634 | Oracle Linux 3 : XFree86 (ELSA-2008-0029) | Nessus | Oracle Linux Local Security Checks | high |
| 60349 | Scientific Linux Security Update : XFree86 on SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 60347 | Scientific Linux Security Update : xorg-x11 on SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 60346 | Scientific Linux Security Update : libXfont on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 43671 | CentOS 5 : libXfont (CESA-2008:0064) | Nessus | CentOS Local Security Checks | high |
| 43667 | CentOS 4 : xorg-x11 (CESA-2008:0030) | Nessus | CentOS Local Security Checks | high |
| 37567 | Mandriva Linux Security Advisory : x11-server (MDVSA-2008:023) | Nessus | Mandriva Local Security Checks | high |
| 36558 | Mandriva Linux Security Advisory : libxfont (MDVSA-2008:024) | Nessus | Mandriva Local Security Checks | high |
| 34738 | HP-UX PHSS_38840 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2) | Nessus | HP-UX Local Security Checks | high |
| 34737 | HP-UX PHSS_37972 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2) | Nessus | HP-UX Local Security Checks | high |
| 34736 | HP-UX PHSS_34392 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2) | Nessus | HP-UX Local Security Checks | high |
| 31780 | SuSE 10 Security Update : Xgl (ZYPP Patch Number 5100) | Nessus | SuSE Local Security Checks | high |
| 31779 | openSUSE 10 Security Update : xgl (xgl-5099) | Nessus | SuSE Local Security Checks | high |
| 31605 | Mac OS X Multiple Vulnerabilities (Security Update 2008-002) | Nessus | MacOS X Local Security Checks | critical |
| 30088 | FreeBSD : xorg -- multiple vulnerabilities (fe2b6597-c9a4-11dc-8da8-0008a18a9961) | Nessus | FreeBSD Local Security Checks | high |
| 30079 | Fedora 7 : libXfont-1.2.9-3.fc7 (2008-0891) | Nessus | Fedora Local Security Checks | high |
| 30076 | Fedora 7 : xorg-x11-server-1.3.0.0-15.fc7 (2008-0831) | Nessus | Fedora Local Security Checks | high |
| 30074 | Fedora 8 : libXfont-1.3.1-2.fc8 (2008-0794) | Nessus | Fedora Local Security Checks | high |
| 30073 | Fedora 8 : xorg-x11-server-1.3.0.0-39.fc8 (2008-0760) | Nessus | Fedora Local Security Checks | high |
| 30059 | Debian DSA-1466-1 : xorg-server - several vulnerabilities | Nessus | Debian Local Security Checks | high |
| 30042 | Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : xorg-server regression (USN-571-2) | Nessus | Ubuntu Local Security Checks | high |
| 30033 | GLSA-200801-09 : X.Org X server and Xfont library: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 30022 | CentOS 3 : XFree86 (CESA-2008:0029) | Nessus | CentOS Local Security Checks | high |
| 30019 | Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libxfont, xorg-server vulnerabilities (USN-571-1) | Nessus | Ubuntu Local Security Checks | high |
| 30004 | RHEL 5 : libXfont (RHSA-2008:0064) | Nessus | Red Hat Local Security Checks | high |
| 30002 | RHEL 4 : xorg-x11 (RHSA-2008:0030) | Nessus | Red Hat Local Security Checks | high |
| 30001 | RHEL 2.1 / 3 : XFree86 (RHSA-2008:0029) | Nessus | Red Hat Local Security Checks | high |
| 26989 | Solaris 10 (sparc) : 125719-58 (deprecated) | Nessus | Solaris Local Security Checks | high |
| 23609 | Solaris 9 (x86) : 118908-06 | Nessus | Solaris Local Security Checks | high |