FreeBSD : libXfont -- Stack buffer overflow in parsing of BDF font files in libXfont (28c575fa-784e-11e3-8249-001cc0380077)
High Nessus Plugin ID 71874
SynopsisThe remote FreeBSD host is missing a security-related update.
Descriptionfreedesktop.org reports :
A BDF font file containing a longer than expected string can cause a buffer overflow on the stack. Testing in X servers built with Stack Protector restulted in an immediate crash when reading a user-proveded specially crafted font.
As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.
SolutionUpdate the affected package.