CVE-2007-1352 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-1352
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1352

Description: Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33419 UBUNTU http://www.ubuntu.com/usn/usn-448-1 SUSE http://www.novell.com/linux/security/advisories/2007_27_x.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1 ST 1017857 SAID Secunia Advisory: SA25004 Secunia Advisory: SA24791 Secunia Advisory: SA24772 Secunia Advisory: SA24771 Secunia Advisory: SA24765 Secunia Advisory: SA24758 Secunia Advisory: SA24745 Secunia Advisory: SA24770 Secunia Advisory: SA24756 Secunia Advisory: SA24741 Secunia Advisory: SA25006 Secunia Advisory: SA25195 Secunia Advisory: SA25216 Secunia Advisory: SA25305 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0126.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://www.redhat.com/support/errata/RHSA-2007-0132.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13243 OPENBSD http://www.openbsd.org/errata39.html#021_xorg http://www.openbsd.org/errata40.html#011_xorg MLIST http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:079 http://www.mandriva.com/security/advisories?name=MDKSA-2007:080 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502 GENTOO http://security.gentoo.org/glsa/glsa-200705-10.xml DEBIAN http://www.debian.org/security/2007/dsa-1294 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm http://issues.foresightlinux.org/browse/FL-223 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/464686/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/464816/100/0/threaded BID 23283 23300 APPLE http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html

Return to the previous page.