CVE-2008-0006 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0006
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0006

Description: Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39767 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-571-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103192-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-201230-1 ST 1019232 SAID Secunia Advisory: SA29420 Secunia Advisory: SA29139 Secunia Advisory: SA28941 Secunia Advisory: SA28885 Secunia Advisory: SA28843 Secunia Advisory: SA28718 Secunia Advisory: SA28621 Secunia Advisory: SA28571 Secunia Advisory: SA28592 Secunia Advisory: SA28500 Secunia Advisory: SA28273 Secunia Advisory: SA28550 Secunia Advisory: SA28544 Secunia Advisory: SA28542 Secunia Advisory: SA28540 Secunia Advisory: SA28536 Secunia Advisory: SA28535 Secunia Advisory: SA28532 Secunia Advisory: SA29622 Secunia Advisory: SA29707 Secunia Advisory: SA30161 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0029.html http://www.redhat.com/support/errata/RHSA-2008-0030.html http://www.redhat.com/support/errata/RHSA-2008-0064.html OPENBSD http://www.openbsd.org/errata42.html#006_xorg http://www.openbsd.org/errata41.html#012_xorg MLIST http://lists.freedesktop.org/archives/xorg/2008-January/031918.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 http://www.mandriva.com/security/advisories?name=MDVSA-2008:024 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml http://security.gentoo.org/glsa/glsa-200804-05.xml http://security.gentoo.org/glsa/glsa-200801-09.xml FEDORA CONFIRM http://docs.info.apple.com/article.html?artnum=307562 http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities http://support.avaya.com/elmodocs2/security/ASA-2008-077.htm http://bugs.gentoo.org/show_bug.cgi?id=204362 http://support.avaya.com/elmodocs2/security/ASA-2008-038.htm CERT-VN 203220 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/487335/100/0/threaded BID 27352 27336 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.