Vulnerability in Openbsd

CVE-2004-0083

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-…

EPSS: 0.212 (97.3th percentile) — read the EPSS interpretation.

Affected products

Openbsd — versions 3.3, 3.4
Xfree86_project X11r6 — versions 4.1.0, 4.1.11, 4.1.12
N/a — versions n/a

References

cve@mitre.org (vendor-advisory, x_refsource_SUSE)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (Exploit, Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
cve@mitre.org (vendor-advisory, x_refsource_GENTOO, Vendor Advisory)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_FEDORA, vendor-advisory)