Oracle Solaris Third-Party Patch Update : xorg (cve_2013_6462_buffer_errors)
High Nessus Plugin ID 80820
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Stack-based buffer overflow in the bdfReadCharacters function in bitmap/ bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. (CVE-2013-6462)
SolutionUpgrade to Solaris 18.104.22.168.0.