10

CVE-2004-0083

Exploit
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Xfree86 ProjectX11r6 Version4.1.0
Xfree86 ProjectX11r6 Version4.1.11
Xfree86 ProjectX11r6 Version4.1.12
Xfree86 ProjectX11r6 Version4.2.0
Xfree86 ProjectX11r6 Version4.2.1
Xfree86 ProjectX11r6 Version4.2.1 Editionerrata
Xfree86 ProjectX11r6 Version4.3.0
OpenbsdOpenbsd Version3.3
OpenbsdOpenbsd Version3.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 21.18% 0.973
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.debian.org/security/2004/dsa-443
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053
http://marc.info/?l=bugtraq&m=107644835523678&w=2
http://marc.info/?l=bugtraq&m=107653324115914&w=2
http://marc.info/?l=bugtraq&m=110979666528890&w=2
http://security.gentoo.org/glsa/glsa-200402-02.xml
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1
http://www.idefense.com/application/poi/display?id=72
http://www.kb.cert.org/vuls/id/820006
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2004:012
http://www.novell.com/linux/security/advisories/2004_06_xf86.html
http://www.redhat.com/support/errata/RHSA-2004-059.html
http://www.redhat.com/support/errata/RHSA-2004-060.html
http://www.redhat.com/support/errata/RHSA-2004-061.html
http://www.securityfocus.com/bid/9636
Patch
Vendor Advisory
Exploit
http://www.xfree86.org/cvs/changes
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15130
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A806
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9612