OpenCVE

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:A/AC:M/Au:S/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mandrakesoft	Mandrake Linux Mandrake Linux Corporate Server Mandrake Multi Network Firewall
Openbsd	Openbsd
Redhat	Enterprise Linux Enterprise Linux Desktop Fedora Core Linux Linux Advanced Workstation
Rpath	Linux
Slackware	Slackware Linux
Turbolinux	Turbolinux Desktop
Ubuntu	Ubuntu Linux
X.org	Libxfont

Configuration 1 [-]

AND

OR	cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux:9.1::ppc:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux:9.2::amd64:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux:10.0::amd64:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux:2007:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux:2007::x86_64:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:::::

cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
	cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server_ia64:::::
	cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
	cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server_ia64:::::
	cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
	cpe:2.3:o:redhat:enterprise_linux:2.1::workstation_ia64:::::
	cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_server:::::
	cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
	cpe:2.3:o:redhat:enterprise_linux:3.0::workstation_server:::::
	cpe:2.3:o:redhat:enterprise_linux:4.0::advanced_server:::::
	cpe:2.3:o:redhat:enterprise_linux:4.0::enterprise_server:::::
	cpe:2.3:o:redhat:enterprise_linux:4.0::workstation:::::
	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0::client:::::
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0::client_workstation:::::
	cpe:2.3:o:redhat:fedora_core:core_1.0:::::::*
	cpe:2.3:o:redhat:linux:9.0::i386:::::
	cpe:2.3:o:redhat:linux_advanced_workstation:2.1::ia64:::::
	cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium:::::

Configuration 4 [-]

OR	cpe:2.3:o:slackware:slackware_linux:9.0:::::::*
	cpe:2.3:o:slackware:slackware_linux:9.1:::::::*
	cpe:2.3:o:slackware:slackware_linux:current:::::::*

Configuration 5 [-]

cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*

Configuration 6 [-]

OR	cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ia32:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ia64:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ppc:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:5.10::amd64:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:5.10::i386:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:5.10::powerpc:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:5.10::sparc:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::amd64:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::i386:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::powerpc:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::sparc:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.10::amd64:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.10::i386:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.10::powerpc:::::
	cpe:2.3:o:ubuntu:ubuntu_linux:6.10::sparc:::::

Configuration 7 [-]

cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*

Configuration 8 [-]

OR	cpe:2.3:o:openbsd:openbsd:3.9:::::::*
	cpe:2.3:o:openbsd:openbsd:4.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
XFree86-0:4.1.0-82.EL	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2007:0125	2007-04-03T00:00:00Z
Red Hat Enterprise Linux 3
XFree86-0:4.3.0-120.EL	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:0125	2007-04-03T00:00:00Z
Red Hat Enterprise Linux 4
xorg-x11-0:6.8.2-1.EL.13.37.7	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0126	2007-04-03T00:00:00Z
Red Hat Enterprise Linux 5
libXfont-0:1.2.2-1.0.2.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0132	2007-04-03T00:00:00Z

References

Link	Providers
http://issues.foresightlinux.org/browse/FL-223
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
http://rhn.redhat.com/errata/RHSA-2007-0125.html
http://secunia.com/advisories/24741
http://secunia.com/advisories/24745
http://secunia.com/advisories/24756
http://secunia.com/advisories/24758
http://secunia.com/advisories/24765
http://secunia.com/advisories/24770
http://secunia.com/advisories/24771
http://secunia.com/advisories/24772
http://secunia.com/advisories/24791
http://secunia.com/advisories/25004
http://secunia.com/advisories/25006
http://secunia.com/advisories/25195
http://secunia.com/advisories/25216
http://secunia.com/advisories/25305
http://secunia.com/advisories/33937
http://security.gentoo.org/glsa/glsa-200705-10.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
http://www.debian.org/security/2007/dsa-1294
http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
http://www.novell.com/linux/security/advisories/2007_27_x.html
http://www.openbsd.org/errata39.html#021_xorg
http://www.openbsd.org/errata40.html#011_xorg
http://www.redhat.com/support/errata/RHSA-2007-0126.html
http://www.redhat.com/support/errata/RHSA-2007-0132.html
http://www.securityfocus.com/archive/1/464686/100/0/threaded
http://www.securityfocus.com/archive/1/464816/100/0/threaded
http://www.securityfocus.com/bid/23283
http://www.securityfocus.com/bid/23300
http://www.securitytracker.com/id?1017857
http://www.ubuntu.com/usn/usn-448-1
http://www.vupen.com/english/advisories/2007/1217
http://www.vupen.com/english/advisories/2007/1548
https://exchange.xforce.ibmcloud.com/vulnerabilities/33419
https://issues.rpath.com/browse/RPL-1213
https://nvd.nist.gov/vuln/detail/CVE-2007-1352
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243
https://www.cve.org/CVERecord?id=CVE-2007-1352

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2007-04-06T01:00:00

Updated: 2024-08-07T12:50:35.267Z

Reserved: 2007-03-08T00:00:00

Link: CVE-2007-1352

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-04-06T01:19:00.000

Modified: 2018-10-16T16:38:09.313

Link: CVE-2007-1352

Redhat

Severity : Important

Publid Date: 2007-04-03T00:00:00Z

Links: CVE-2007-1352 - Bugzilla

Metrics

Access Vector Adjacent Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Adjacent Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object