Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.5
CVSSv2

CVE-2007-1351

Published: 06/04/2007 Updated: 16/10/2018
CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8
VMScore: 756
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Subscribe to Ubuntu

Vulnerability Summary

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont prior to 20070403 and (2) freetype 2.3.2 and previous versions allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

Vulnerable Product Search on Vulmon Subscribe to Product

ubuntu ubuntu linux 6.06_lts

ubuntu ubuntu linux 5.10

ubuntu ubuntu linux 6.10

x.org libxfont 1.2.2

xfree86 project x11r6 4.3.0

xfree86 project x11r6 4.3.0.1

xfree86 project x11r6 4.3.0.2

rpath rpath linux 1

redhat enterprise linux 2.1

redhat enterprise linux 4.0

redhat linux advanced workstation 2.1

redhat enterprise linux 3.0

redhat enterprise linux desktop 3.0

redhat enterprise linux desktop 4.0

redhat enterprise linux 5.0

openbsd openbsd 3.9

openbsd openbsd 4.0

mandrakesoft mandrake_multi_network_firewall 2.0

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2007-1351 bdf font overflows
Debian Bug report logs - #426771 CVE-2007-1351 bdf font overflows Package: freetype; Maintainer for freetype is Hugh McMaster <hughmcmaster@outlookcom>; Reported by: Kees Cook <kees@outfluxnet> Date: Wed, 30 May 2007 20:12:01 UTC Severity: important Tags: patch, security Found in versions 221-6, 221-5 Fixed i ...
Ubuntu Security Notice: freetype, libxfont, xorg, xorg-server vulnerabilities
Sean Larsson of iDefense Labs discovered that the MISC-XC extension of Xorg did not correctly verify the size of allocated memory An authenticated user could send a specially crafted X11 request and execute arbitrary code with root privileges (CVE-2007-1003) ...
Debian Security Advisories: DSA-1454-1 freetype -- integer overflow
Greg MacManus discovered an integer overflow in the font handling of libfreetype, a FreeType 2 font engine, which might lead to denial of service or possibly the execution of arbitrary code if a user is tricked into opening a malformed font For the old stable distribution (sarge) this problem will be fixed soon For the stable distribution (et ...
Debian Security Advisories: DSA-1294-1 xfree86 -- several vulnerabilities
Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1003 Sean Larsson discovered an integer overflow in the XC-MISC extension, which might lead to denial of service or local privilege escalat ...

References

CWE-189http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0126.htmlhttp://www.ubuntu.com/usn/usn-448-1http://www.securityfocus.com/bid/23283http://www.securitytracker.com/id?1017857http://secunia.com/advisories/24741http://secunia.com/advisories/24756http://secunia.com/advisories/24770http://issues.foresightlinux.org/browse/FL-223http://sourceforge.net/project/shownotes.php?release_id=498954https://issues.rpath.com/browse/RPL-1213http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954http://rhn.redhat.com/errata/RHSA-2007-0125.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0132.htmlhttp://secunia.com/advisories/24745http://secunia.com/advisories/24758http://secunia.com/advisories/24765http://secunia.com/advisories/24768http://secunia.com/advisories/24771http://secunia.com/advisories/24772http://secunia.com/advisories/24776http://secunia.com/advisories/24791http://www.redhat.com/support/errata/RHSA-2007-0150.htmlhttp://www.securityfocus.com/bid/23402http://secunia.com/advisories/24885http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733http://www.novell.com/linux/security/advisories/2007_6_sr.htmlhttp://www.novell.com/linux/security/advisories/2007_27_x.htmlhttp://secunia.com/advisories/24889http://secunia.com/advisories/25004http://secunia.com/advisories/24921http://secunia.com/advisories/24996http://www.openbsd.org/errata39.html#021_xorghttp://www.openbsd.org/errata40.html#011_xorghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1http://www.securityfocus.com/bid/23300http://secunia.com/advisories/25006http://security.gentoo.org/glsa/glsa-200705-02.xmlhttp://security.gentoo.org/glsa/glsa-200705-10.xmlhttp://secunia.com/advisories/25096http://secunia.com/advisories/25195http://support.avaya.com/elmodocs2/security/ASA-2007-178.htmhttp://secunia.com/advisories/25216http://support.avaya.com/elmodocs2/security/ASA-2007-193.htmhttp://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.htmlhttp://www.debian.org/security/2007/dsa-1294http://www.mandriva.com/security/advisories?name=MDKSA-2007:079http://www.mandriva.com/security/advisories?name=MDKSA-2007:080http://www.mandriva.com/security/advisories?name=MDKSA-2007:081http://secunia.com/advisories/25305http://secunia.com/advisories/25495http://www.debian.org/security/2008/dsa-1454http://secunia.com/advisories/28333http://www.gentoo.org/security/en/glsa/glsa-200805-07.xmlhttp://secunia.com/advisories/30161http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.htmlhttp://secunia.com/advisories/33937http://support.apple.com/kb/HT3438http://www.vupen.com/english/advisories/2007/1548http://www.vupen.com/english/advisories/2007/1217http://www.vupen.com/english/advisories/2007/1264http://www.trustix.org/errata/2007/0013/https://exchange.xforce.ibmcloud.com/vulnerabilities/33417https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266http://www.securityfocus.com/archive/1/464816/100/0/threadedhttp://www.securityfocus.com/archive/1/464686/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426771https://usn.ubuntu.com/448-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook