Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxfont vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2017-13720
In the PatternMatch function in fontfile/fontdir.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of servi...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
3.6
CVSSv2
CVE-2017-13722
In the pcfGetProperties function in bitmap/pcfread.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash o...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
9.3
CVSSv2
CVE-2011-2895
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont prior to 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD prior to 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x prior to 5.0.3 and 5.1.x prior to 5.1.1, FreeTyp...
Openbsd Openbsd 2.8
Freetype Freetype 2.1.9
Netbsd Netbsd
X Libxfont 1.2.1
X Libxfont 1.2.7
X Libxfont 1.2.6
Openbsd Openbsd 3.1
X Libxfont 1.3.3
Openbsd Openbsd 3.3
Openbsd Openbsd 2.9
X Libxfont
X Libxfont 1.3.2
X Libxfont 1.3.4
Openbsd Openbsd 2.1
X Libxfont 1.3.1
Freebsd Freebsd
Openbsd Openbsd 2.2
X Libxfont 1.4.0
Openbsd Openbsd 2.0
Openbsd Openbsd 2.7
X Libxfont 1.2.4
X Libxfont 1.2.9
7.5
CVSSv2
CVE-2007-5199
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote malicious users to have unspecified impact.
X Libxfont 1.3.1
7.5
CVSSv2
CVE-2008-0006
Buffer overflow in (1) X.Org Xserver prior to 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent malicious users to execute arbitrary code via a PCF font with a large difference between the last col and first col va...
X.org Xserver
Sun Solaris Libxfont
Sun Solaris Libfont
4.9
CVSSv2
CVE-2017-16611
In libXfont prior to 1.5.4 and libXfont2 prior to 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 17.10
X Libxfont
8.5
CVSSv2
CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont prior to 20070403 and (2) freetype 2.3.2 and previous versions allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Xfree86 Project X11r6 4.3.0.2
Xfree86 Project X11r6 4.3.0
X.org Libxfont 1.2.2
Xfree86 Project X11r6 4.3.0.1
Rpath Rpath Linux 1
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 4.0
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
Mandrakesoft Mandrake Multi Network Firewall 2.0
3.8
CVSSv2
CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont prior to 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Mandrakesoft Mandrake Multi Network Firewall 2.0
X.org Libxfont 1.2.2
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Fedora Core Core 1.0
Redhat Linux 9.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 4.0
Slackware Slackware Linux 9.0
Slackware Slackware Linux 9.1
Slackware Slackware Linux Current
Turbolinux Turbolinux Desktop 10.0
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 4.1
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Rpath Linux 1
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
9.3
CVSSv2
CVE-2007-5760
Array index error in the XFree86-Misc extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via a PassMessage request containing a large array index.
X.org Xserver
Xfree86 Project Xfree86-misc
9.3
CVSSv2
CVE-2007-6427
The XInput extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
X.org X Server
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Apple Mac Os X
Fedoraproject Fedora 8
Fedoraproject Fedora 7
Opensuse Opensuse 10.2
Suse Linux Enterprise Server 9
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Open Enterprise Server -
Suse Linux 10.1
Suse Linux Enterprise Server 8
Suse Linux Enterprise Desktop 9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »