CVE-2002-1317

XFS font server <9 - Buffer Overflow

Title source: llm

Description

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Exploits (1)

exploitdb WORKING POC VERIFIED

by TESO Security · perlremoteunix

https://www.exploit-db.com/exploits/22036

View Code ZIP pw:eip

References (13)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/advisories/4988

[Vendor Advisory] http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879

[Mailing List] http://marc.info/?l=bugtraq&m=103825150527843&w=2

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A149

[Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2002-34.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A152

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2816

[US Government Resource] http://www.kb.cert.org/vuls/id/312313

[Patch, Vendor Advisory] http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541

[Patch, Vendor Advisory] http://www.iss.net/security_center/static/10375.php

[Vendor Advisory] ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/6241

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/n-024.shtml

Scores

EPSS 0.5096

EPSS Percentile 97.9%

Details

Status published

Products (35)

hp/hp-ux 10.10

hp/hp-ux 10.20

hp/hp-ux 10.24

hp/hp-ux 11.00

hp/hp-ux 11.04

hp/hp-ux 11.11

hp/hp-ux 11.22

sgi/irix 6.5

sgi/irix 6.5.1

sgi/irix 6.5.2

... and 25 more

Published Dec 11, 2002

Tracked Since Feb 18, 2026