NVD

Id
53536  
Name
CVE-2007-1351  
Description
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.  
Reject
 
CVSS Version
2  
CVSS Score
8.5  
Severity
High  
CVSS Base Score
8.5  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-04-05  
Modified Date
2016-12-06  
Seq
2007-1351  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
271151 53536 CVE-2007-1351 http://issues.foresightlinux.org/browse/FL-223  View
271152 53536 CVE-2007-1351 20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability  View
271153 53536 CVE-2007-1351 APPLE-SA-2007-11-14  View
271154 53536 CVE-2007-1351 APPLE-SA-2009-02-12  View
271155 53536 CVE-2007-1351 [xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont  View
271156 53536 CVE-2007-1351 oval:org.mitre.oval:def:11266  View
271157 53536 CVE-2007-1351 oval:org.mitre.oval:def:1810  View
271158 53536 CVE-2007-1351 RHSA-2007:0125  View
271159 53536 CVE-2007-1351 GLSA-200705-02  View
271160 53536 CVE-2007-1351 GLSA-200705-10  View
271161 53536 CVE-2007-1351 SSA:2007-109-01  View
271162 53536 CVE-2007-1351 http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954  View
271163 53536 CVE-2007-1351 http://sourceforge.net/project/shownotes.php?release_id=498954  View
271164 53536 CVE-2007-1351 102886  View
271165 53536 CVE-2007-1351 http://support.apple.com/kb/HT3438  View
271166 53536 CVE-2007-1351 http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm  View
271167 53536 CVE-2007-1351 http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm  View
271168 53536 CVE-2007-1351 DSA-1294  View
271169 53536 CVE-2007-1351 DSA-1454  View
271170 53536 CVE-2007-1351 GLSA-200805-07  View
271171 53536 CVE-2007-1351 MDKSA-2007:079  View
271172 53536 CVE-2007-1351 MDKSA-2007:080  View
271173 53536 CVE-2007-1351 MDKSA-2007:081  View
271174 53536 CVE-2007-1351 SUSE-SA:2007:027  View
271175 53536 CVE-2007-1351 SUSE-SR:2007:006  View
271176 53536 CVE-2007-1351 [3.9] 021: SECURITY FIX: April 4, 2007  View
271177 53536 CVE-2007-1351 [4.0] 011: SECURITY FIX: April 4, 2007  View
271178 53536 CVE-2007-1351 RHSA-2007:0126  View
271179 53536 CVE-2007-1351 RHSA-2007:0132  View
271180 53536 CVE-2007-1351 RHSA-2007:0150  View
271181 53536 CVE-2007-1351 20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs  View
271182 53536 CVE-2007-1351 20070405 FLEA-2007-0009-1: xorg-x11 freetype  View
271183 53536 CVE-2007-1351 23283  View
271184 53536 CVE-2007-1351 23300  View
271185 53536 CVE-2007-1351 23402  View
271186 53536 CVE-2007-1351 1017857  View
271187 53536 CVE-2007-1351 USN-448-1  View
271188 53536 CVE-2007-1351 ADV-2007-1217  View
271189 53536 CVE-2007-1351 ADV-2007-1264  View
271190 53536 CVE-2007-1351 ADV-2007-1548  View
271191 53536 CVE-2007-1351 xorg-bdf-font-bo(33417)  View
271192 53536 CVE-2007-1351 https://issues.rpath.com/browse/RPL-1213  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
51590 JVNDB-2007-000252 X.Org および XFree86 の libfont における整数オーバーフローの脆弱性 X.Org および XFree86 の libXfont で使用される bdfReadCharacters() 関数において BDF フォントの解析に不備が存在するため、整数オーバーフローが発生する脆弱性が存在します。同様の脆弱性が FreeType にも存在します。 CVE-2007-1351 24706 CVE-2007-1351 53536 8.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000252.html 2007-04-03 2009-03-12 View