Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org x font server vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2017-13722
In the pcfGetProperties function in bitmap/pcfread.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash o...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
NA
CVE-2012-1699
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 prior to 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and...
X X.org X11 6.4
X X.org X11 6.6
X X.org X11 6.3
X X.org X11 6.0
X X.org X11 6.5.1
X X.org X11 6.1
Xfree86 Xfree86
NA
CVE-2008-0006
Buffer overflow in (1) X.Org Xserver prior to 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent malicious users to execute arbitrary code via a PCF font with a large difference between the last col and first col va...
X.org Xserver
Sun Solaris Libxfont
Sun Solaris Libfont
NA
CVE-2007-4568
Integer overflow in the build_range function in X.Org X Font Server (xfs) prior to 1.0.5 allows context-dependent malicious users to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer o...
X.org X Font Server 1.0.1
X.org X Font Server 1.0.2
X.org X Font Server 1.0.4
NA
CVE-2007-4990
The swap_char2b function in X.Org X Font Server (xfs) prior to 1.0.5 allows context-dependent malicious users to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped o...
X.org X Font Server
NA
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Linux
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux 4.0
1 EDB exploit
NA
CVE-2007-1003
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions prior to 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in...
X.org X11 7.1 1.1.0
NA
CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont prior to 20070403 and (2) freetype 2.3.2 and previous versions allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Xfree86 Project X11r6 4.3.0.2
Xfree86 Project X11r6 4.3.0
X.org Libxfont 1.2.2
Xfree86 Project X11r6 4.3.0.1
Rpath Rpath Linux 1
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 4.0
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
Mandrakesoft Mandrake Multi Network Firewall 2.0
NA
CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont prior to 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Mandrakesoft Mandrake Multi Network Firewall 2.0
X.org Libxfont 1.2.2
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Fedora Core Core 1.0
Redhat Linux 9.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 4.0
Slackware Slackware Linux 9.0
Slackware Slackware Linux 9.1
Slackware Slackware Linux Current
Turbolinux Turbolinux Desktop 10.0
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 4.1
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Rpath Linux 1
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
NA
CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
Xfree86 Project Xfree86 X
X.org X.org 6.8.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »