exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2013-6462

Status Candidate

Overview

Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.

Related Files

Gentoo Linux Security Advisory 201402-23
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-23 - Multiple vulnerabilities have been found in libXfont, the worst of which allow for local privilege escalation. Versions less than 1.4.7 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2895, CVE-2013-6462
SHA-256 | 1cfd0d5f0fb45806d0f2f9036f3ae48ed7e9656364f91bdf2bfb40c33c748933
Mandriva Linux Security Advisory 2014-013
Posted Jan 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-013 - Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long string in a character name in a BDF font file. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-6462
SHA-256 | b0af7255ba31dc33177e93d56e6db8a83b8031f8aed0fa39e9a98030107af6e4
Slackware Security Advisory - libXfont Updates
Posted Jan 14, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libXfont packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-6462
SHA-256 | 6394a6219f519797e6e2a631308ba51c9b5e8024b626b8a34996b053a19ea42d
Red Hat Security Advisory 2014-0018-01
Posted Jan 10, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0018-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2013-6462
SHA-256 | 0f840c2a80d469348a2f0f6db12138d55905de6840034df20511234afa0c5b66
libXfont Stack Buffer Overflow
Posted Jan 9, 2014
Site x.org

X.Org Security Advisory - libXfont suffers from a stack buffer overflow vulnerability. A BDF font file containing a longer than expected string could overflow the buffer on the stack. As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.

tags | advisory, overflow, root
advisories | CVE-2013-6462
SHA-256 | 3bcdecafb3cc1fed2eb1c242b49f5841f609eb24401a54301f9f67a604973ec1
Ubuntu Security Notice USN-2078-1
Posted Jan 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2078-1 - It was discovered that libXfont incorrectly handled certain malformed BDF fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-6462
SHA-256 | a8d0fb9603d0b8ef1da182c41344b99320766a5306d3400fae58961c67e46a31
Debian Security Advisory 2838-1
Posted Jan 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2838-1 - It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts (BDF) could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-6462
SHA-256 | 0d0ec3a588776ba817f0148e8f3f841283ae79915fa2a75381e8a8ab716e2251
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close