The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont prior to 1.4.9 and 1.5.x prior to 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
x libxfont |
||
x libxfont 1.5.0 |