CVE-2007-1352

X.Org libXfont <20070403 - RCE

Title source: llm

Description

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

References (45)

[Various Sources] http://issues.foresightlinux.org/browse/FL-223

[Mailing List] http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html

[Mailing List] http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

[Various Sources] http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2007-0125.html

[Vendor Advisory] http://secunia.com/advisories/24741

[Patch, Vendor Advisory] http://secunia.com/advisories/24756

[Patch, Vendor Advisory] http://secunia.com/advisories/24770

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1

[Vendor Advisory] http://support.apple.com/kb/HT3438

[Vendor Advisory] http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2007:079

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2007:080

[Various Sources] http://www.openbsd.org/errata39.html#021_xorg

[Various Sources] http://www.openbsd.org/errata40.html#011_xorg

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2007-0126.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2007-0132.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23283

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1017857

[Vendor Advisory] http://www.ubuntu.com/usn/usn-448-1

... and 25 more

Scores

EPSS 0.0170

EPSS Percentile 82.0%

Classification

Status draft

Affected Products (44)

mandrakesoft/mandrake_multi_network_firewall

x.org/libxfont

redhat/enterprise_linux

redhat/enterprise_linux_desktop

... and 29 more

Timeline

Published Apr 06, 2007

Tracked Since Feb 18, 2026