Gentoo Linux Security Advisory 201402-23 - Multiple vulnerabilities have been found in libXfont, the worst of which allow for local privilege escalation. Versions less than 1.4.7 are affected.
1cfd0d5f0fb45806d0f2f9036f3ae48ed7e9656364f91bdf2bfb40c33c748933Mandriva Linux Security Advisory 2014-013 - Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long string in a character name in a BDF font file. The updated packages have been patched to correct this issue.
b0af7255ba31dc33177e93d56e6db8a83b8031f8aed0fa39e9a98030107af6e4Slackware Security Advisory - New libXfont packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
6394a6219f519797e6e2a631308ba51c9b5e8024b626b8a34996b053a19ea42dRed Hat Security Advisory 2014-0018-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.
0f840c2a80d469348a2f0f6db12138d55905de6840034df20511234afa0c5b66X.Org Security Advisory - libXfont suffers from a stack buffer overflow vulnerability. A BDF font file containing a longer than expected string could overflow the buffer on the stack. As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.
3bcdecafb3cc1fed2eb1c242b49f5841f609eb24401a54301f9f67a604973ec1Ubuntu Security Notice 2078-1 - It was discovered that libXfont incorrectly handled certain malformed BDF fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
a8d0fb9603d0b8ef1da182c41344b99320766a5306d3400fae58961c67e46a31Debian Linux Security Advisory 2838-1 - It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts (BDF) could result in the execution of arbitrary code.
0d0ec3a588776ba817f0148e8f3f841283ae79915fa2a75381e8a8ab716e2251
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed