CVE - CVE-2007-1351

CVE-ID
CVE-2007-1351	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2007-11-14 URL:http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html APPLE:APPLE-SA-2009-02-12 URL:http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BID:23283 URL:http://www.securityfocus.com/bid/23283 BID:23300 URL:http://www.securityfocus.com/bid/23300 BID:23402 URL:http://www.securityfocus.com/bid/23402 BUGTRAQ:20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs URL:http://www.securityfocus.com/archive/1/464686/100/0/threaded BUGTRAQ:20070405 FLEA-2007-0009-1: xorg-x11 freetype URL:http://www.securityfocus.com/archive/1/464816/100/0/threaded CONFIRM:http://issues.foresightlinux.org/browse/FL-223 CONFIRM:http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954 CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=498954 CONFIRM:http://support.apple.com/kb/HT3438 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm CONFIRM:https://issues.rpath.com/browse/RPL-1213 DEBIAN:DSA-1294 URL:http://www.debian.org/security/2007/dsa-1294 DEBIAN:DSA-1454 URL:http://www.debian.org/security/2008/dsa-1454 GENTOO:GLSA-200705-02 URL:http://security.gentoo.org/glsa/glsa-200705-02.xml GENTOO:GLSA-200705-10 URL:http://security.gentoo.org/glsa/glsa-200705-10.xml GENTOO:GLSA-200805-07 URL:http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml IDEFENSE:20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501 MANDRIVA:MDKSA-2007:079 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:079~~ (Obsolete source) MANDRIVA:MDKSA-2007:080 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:080~~ (Obsolete source) MANDRIVA:MDKSA-2007:081 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:081~~ (Obsolete source) MLIST:[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont URL:http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html OPENBSD:[3.9] 021: SECURITY FIX: April 4, 2007 URL:http://www.openbsd.org/errata39.html#021_xorg OPENBSD:[4.0] 011: SECURITY FIX: April 4, 2007 URL:http://www.openbsd.org/errata40.html#011_xorg OVAL:oval:org.mitre.oval:def:11266 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266 OVAL:oval:org.mitre.oval:def:1810 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810 REDHAT:RHSA-2007:0125 URL:http://rhn.redhat.com/errata/RHSA-2007-0125.html REDHAT:RHSA-2007:0126 URL:http://www.redhat.com/support/errata/RHSA-2007-0126.html REDHAT:RHSA-2007:0132 URL:http://www.redhat.com/support/errata/RHSA-2007-0132.html REDHAT:RHSA-2007:0150 URL:http://www.redhat.com/support/errata/RHSA-2007-0150.html SECTRACK:1017857 URL:http://www.securitytracker.com/id?1017857 SECUNIA:24741 URL:http://secunia.com/advisories/24741 SECUNIA:24745 URL:http://secunia.com/advisories/24745 SECUNIA:24756 URL:http://secunia.com/advisories/24756 SECUNIA:24758 URL:http://secunia.com/advisories/24758 SECUNIA:24765 URL:http://secunia.com/advisories/24765 SECUNIA:24768 URL:http://secunia.com/advisories/24768 SECUNIA:24770 URL:http://secunia.com/advisories/24770 SECUNIA:24771 URL:http://secunia.com/advisories/24771 SECUNIA:24772 URL:http://secunia.com/advisories/24772 SECUNIA:24776 URL:http://secunia.com/advisories/24776 SECUNIA:24791 URL:http://secunia.com/advisories/24791 SECUNIA:24885 URL:http://secunia.com/advisories/24885 SECUNIA:24889 URL:http://secunia.com/advisories/24889 SECUNIA:24921 URL:http://secunia.com/advisories/24921 SECUNIA:24996 URL:http://secunia.com/advisories/24996 SECUNIA:25004 URL:http://secunia.com/advisories/25004 SECUNIA:25006 URL:http://secunia.com/advisories/25006 SECUNIA:25096 URL:http://secunia.com/advisories/25096 SECUNIA:25195 URL:http://secunia.com/advisories/25195 SECUNIA:25216 URL:http://secunia.com/advisories/25216 SECUNIA:25305 URL:http://secunia.com/advisories/25305 SECUNIA:25495 URL:http://secunia.com/advisories/25495 SECUNIA:28333 URL:http://secunia.com/advisories/28333 SECUNIA:30161 URL:http://secunia.com/advisories/30161 SECUNIA:33937 URL:http://secunia.com/advisories/33937 SLACKWARE:SSA:2007-109-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733 SUNALERT:102886 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1~~ (Obsolete source) SUSE:SUSE-SA:2007:027 URL:http://www.novell.com/linux/security/advisories/2007_27_x.html SUSE:SUSE-SR:2007:006 URL:http://www.novell.com/linux/security/advisories/2007_6_sr.html TRUSTIX:2007-0013 URL:~~http://www.trustix.org/errata/2007/0013/~~ (Obsolete source - check if archived by the Wayback Machine) UBUNTU:USN-448-1 URL:http://www.ubuntu.com/usn/usn-448-1 VUPEN:ADV-2007-1217 URL:~~http://www.vupen.com/english/advisories/2007/1217~~ (Obsolete source) VUPEN:ADV-2007-1264 URL:~~http://www.vupen.com/english/advisories/2007/1264~~ (Obsolete source) VUPEN:ADV-2007-1548 URL:~~http://www.vupen.com/english/advisories/2007/1548~~ (Obsolete source) XF:xorg-bdf-font-bo(33417) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
Assigning CNA
Red Hat, Inc.
Date Record Created
20070308	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070308)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)