iDefense Security Advisory 04.03.07 - Local exploitation of an integer overflow vulnerability in multiple vendors' implementations of the X Window System server BDF font parsing component could allow execution of arbitrary commands with elevated privileges. The vulnerability specifically exists in the parsing of BDF fonts. When the X server encounters a specially crafted BDF font, an integer overflow occurs leading to a potentially exploitable heap overflow condition. iDefense has confirmed the existence of this vulnerability in X.Org X11R7.1. Older versions are suspected to be vulnerable. Additionally, it is reported that the freetype library is also vulnerable.
5b3a3d520e2e2d171cccc8c7b16c74563a20141daff91279318106380bdda62d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed