CVE - CVE-2011-2895

CVE-ID
CVE-2011-2895	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1025920 URL:http://securitytracker.com/id?1025920 MISC:45544 URL:http://secunia.com/advisories/45544 MISC:45568 URL:http://secunia.com/advisories/45568 MISC:45599 URL:http://secunia.com/advisories/45599 MISC:45986 URL:http://secunia.com/advisories/45986 MISC:46127 URL:http://secunia.com/advisories/46127 MISC:48951 URL:http://secunia.com/advisories/48951 MISC:49124 URL:http://www.securityfocus.com/bid/49124 MISC:APPLE-SA-2012-02-01-1 URL:http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html MISC:APPLE-SA-2012-05-09-1 URL:http://lists.apple.com/archives/security-announce/2012/May/msg00001.html MISC:APPLE-SA-2015-12-08-1 URL:http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html MISC:APPLE-SA-2015-12-08-2 URL:http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html MISC:APPLE-SA-2015-12-08-3 URL:http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html MISC:APPLE-SA-2015-12-08-4 URL:http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html MISC:DSA-2293 URL:http://www.debian.org/security/2011/dsa-2293 MISC:MDVSA-2011:153 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2011:153~~ (Obsolete source) MISC:NetBSD-SA2011-007 URL:http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc MISC:RHSA-2011:1154 URL:http://www.redhat.com/support/errata/RHSA-2011-1154.html MISC:RHSA-2011:1155 URL:http://www.redhat.com/support/errata/RHSA-2011-1155.html MISC:RHSA-2011:1161 URL:http://www.redhat.com/support/errata/RHSA-2011-1161.html MISC:RHSA-2011:1834 URL:http://www.redhat.com/support/errata/RHSA-2011-1834.html MISC:SUSE-SU-2011:1035 URL:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html MISC:USN-1191-1 URL:http://www.ubuntu.com/usn/USN-1191-1 MISC:[oss-security] 20110810 LZW decompression issues URL:http://www.openwall.com/lists/oss-security/2011/08/10/10 MISC:[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption URL:http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html MISC:[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4 URL:http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html MISC:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0 URL:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0 MISC:http://support.apple.com/kb/HT5130 URL:http://support.apple.com/kb/HT5130 MISC:http://support.apple.com/kb/HT5281 URL:http://support.apple.com/kb/HT5281 MISC:http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17 URL:http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=725760 URL:https://bugzilla.redhat.com/show_bug.cgi?id=725760 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=727624 URL:https://bugzilla.redhat.com/show_bug.cgi?id=727624 MISC:https://support.apple.com/HT205635 URL:https://support.apple.com/HT205635 MISC:https://support.apple.com/HT205637 URL:https://support.apple.com/HT205637 MISC:https://support.apple.com/HT205640 URL:https://support.apple.com/HT205640 MISC:https://support.apple.com/HT205641 URL:https://support.apple.com/HT205641 MISC:openSUSE-SU-2011:1299 URL:http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html MISC:xorg-lzw-bo(69141) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Assigning CNA
Red Hat, Inc.
Date Record Created
20110727	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110727)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)