CVE Reference: CVE-2004-0084

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2004-0084

Description:
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/15200

SUSE
  http://www.novell.com/linux/security/advisories/2004_06_xf86.html

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1

SLACKWARE
  http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053

REDHAT
  http://www.redhat.com/support/errata/RHSA-2004-061.html
  http://www.redhat.com/support/errata/RHSA-2004-060.html
  http://www.redhat.com/support/errata/RHSA-2004-059.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:807
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:831
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10405

MISC
  http://www.idefense.com/application/poi/display?id=73

MANDRAKE
  http://www.mandriva.com/security/advisories?name=MDKSA-2004:012

FEDORA
  http://marc.theaimsgroup.com/?l=bugtraq&m=110979666528890&w=2

DEBIAN
  http://www.debian.org/security/2004/dsa-443

CONECTIVA
  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821

CERT-VN
  667502

BUGTRAQ
  http://marc.theaimsgroup.com/?l=bugtraq&m=107662833512775&w=2

BID
  9652


Return to the previous page.