This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote SuSE 11 host is missing one or more security updates.
LibXFont was updated to fix security problems that could be used by
local attackers to gain X server privileges (root).
The following security issues have been fixed :
- The bdf parser reads a count for the number of
properties defined in a font from the font file, and
allocates arrays with entries for each property based on
that count. It never checked to see if that count was
negative, or large enough to overflow when multiplied by
the size of the structures being allocated, and could
thus allocate the wrong buffer size, leading to out of
bounds writes. (CVE-2015-1802)
- If the bdf parser failed to parse the data for the
bitmap for any character, it would proceed with an
invalid pointer to the bitmap data and later crash when
trying to read the bitmap from that pointer.
- The bdf parser read metrics values as 32-bit integers,
but stored them into 16-bit integers. Overflows could
occur in various operations leading to out-of-bounds
memory access. (CVE-2015-1804)
See also :
Apply SAT patch number 10487.
Risk factor :
High / CVSS Base Score : 8.5