exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2013-6462

Status Candidate

Overview

Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.

Related Files

Gentoo Linux Security Advisory 201402-23
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-23 - Multiple vulnerabilities have been found in libXfont, the worst of which allow for local privilege escalation. Versions less than 1.4.7 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2895, CVE-2013-6462
SHA-256 | 1cfd0d5f0fb45806d0f2f9036f3ae48ed7e9656364f91bdf2bfb40c33c748933
Mandriva Linux Security Advisory 2014-013
Posted Jan 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-013 - Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long string in a character name in a BDF font file. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-6462
SHA-256 | b0af7255ba31dc33177e93d56e6db8a83b8031f8aed0fa39e9a98030107af6e4
Slackware Security Advisory - libXfont Updates
Posted Jan 14, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libXfont packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-6462
SHA-256 | 6394a6219f519797e6e2a631308ba51c9b5e8024b626b8a34996b053a19ea42d
Red Hat Security Advisory 2014-0018-01
Posted Jan 10, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0018-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2013-6462
SHA-256 | 0f840c2a80d469348a2f0f6db12138d55905de6840034df20511234afa0c5b66
libXfont Stack Buffer Overflow
Posted Jan 9, 2014
Site x.org

X.Org Security Advisory - libXfont suffers from a stack buffer overflow vulnerability. A BDF font file containing a longer than expected string could overflow the buffer on the stack. As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.

tags | advisory, overflow, root
advisories | CVE-2013-6462
SHA-256 | 3bcdecafb3cc1fed2eb1c242b49f5841f609eb24401a54301f9f67a604973ec1
Ubuntu Security Notice USN-2078-1
Posted Jan 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2078-1 - It was discovered that libXfont incorrectly handled certain malformed BDF fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-6462
SHA-256 | a8d0fb9603d0b8ef1da182c41344b99320766a5306d3400fae58961c67e46a31
Debian Security Advisory 2838-1
Posted Jan 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2838-1 - It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts (BDF) could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-6462
SHA-256 | 0d0ec3a588776ba817f0148e8f3f841283ae79915fa2a75381e8a8ab716e2251
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close