Buffer overflow in X Libxfont
CVE-2014-0210
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_q…
Vulnerability class: Buffer Overflow
EPSS: 0.044 (90.0th percentile)
Affected products
- X Libxfont — versions 1.2.3, 1.2.4, 1.2.5
- Canonical Ubuntu_linux — versions 10.04, 12.04, 12.10