TrueType Font Server for X11 (xfstt) Malformed Packet Remote Overflow

Critical Nessus Plugin ID 11814


The font service running on the remote host has a remote buffer overflow vulnerability.


The remote X Font Service for TrueType (xfstt) is vulnerable to a remote buffer overflow, which may lead to code execution as root or a denial of service.


Upgrade to the latest version of xfstt.

Plugin Details

Severity: Critical

ID: 11814

File Name: xfstt_overflow.nasl

Version: $Revision: 1.20 $

Type: remote

Published: 2003/08/01

Modified: 2016/11/01

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2003/07/14

Reference Information

CVE: CVE-2003-0581

BID: 8182

OSVDB: 11803

Secunia: 9271