8.5
CVE-2007-1351
- EPSS 5.59%
- Veröffentlicht 06.04.2007 01:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:24
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ubuntu ≫ Ubuntu Linux Version5.10 Editionamd64
Ubuntu ≫ Ubuntu Linux Version5.10 Editioni386
Ubuntu ≫ Ubuntu Linux Version5.10 Editionpowerpc
Ubuntu ≫ Ubuntu Linux Version5.10 Editionsparc
Ubuntu ≫ Ubuntu Linux Version6.06_lts Editionamd64
Ubuntu ≫ Ubuntu Linux Version6.06_lts Editioni386
Ubuntu ≫ Ubuntu Linux Version6.06_lts Editionpowerpc
Ubuntu ≫ Ubuntu Linux Version6.06_lts Editionsparc
Ubuntu ≫ Ubuntu Linux Version6.10 Editionamd64
Ubuntu ≫ Ubuntu Linux Version6.10 Editioni386
Ubuntu ≫ Ubuntu Linux Version6.10 Editionpowerpc
Ubuntu ≫ Ubuntu Linux Version6.10 Editionsparc
Xfree86 Project ≫ X11r6 Version4.3.0
Xfree86 Project ≫ X11r6 Version4.3.0.1
Xfree86 Project ≫ X11r6 Version4.3.0.2
Rpath ≫ Rpath Linux Version1
Redhat ≫ Enterprise Linux Version2.1 Editionadvanced_server
Redhat ≫ Enterprise Linux Version2.1 Editionadvanced_server_ia64
Redhat ≫ Enterprise Linux Version2.1 Editionenterprise_server
Redhat ≫ Enterprise Linux Version2.1 Editionenterprise_server_ia64
Redhat ≫ Enterprise Linux Version2.1 Editionworkstation
Redhat ≫ Enterprise Linux Version2.1 Editionworkstation_ia64
Redhat ≫ Enterprise Linux Version3.0 Editionadvanced_servers
Redhat ≫ Enterprise Linux Version3.0 Editionenterprise_server
Redhat ≫ Enterprise Linux Version3.0 Editionworkstation
Redhat ≫ Enterprise Linux Version4.0 Editionadvanced_server
Redhat ≫ Enterprise Linux Version4.0 Editionenterprise_server
Redhat ≫ Enterprise Linux Version4.0 Editionworkstation
Redhat ≫ Enterprise Linux Version5.0 Editiondesktop
Redhat ≫ Enterprise Linux Version5.0 Editiondesktop_workstation
Redhat ≫ Enterprise Linux Version5.0 Editionserver
Redhat ≫ Enterprise Linux Desktop Version3.0
Redhat ≫ Enterprise Linux Desktop Version4.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionia64
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Mandrakesoft ≫ Mandrake Multi Network Firewall Version2.0
Mandrakesoft ≫ Mandrake Linux Version2007
Mandrakesoft ≫ Mandrake Linux Version2007 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0
Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Corporate Server Version4.0
Mandrakesoft ≫ Mandrake Linux Corporate Server Version4.0 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Version2007 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0
Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Corporate Server Version4.0
Mandrakesoft ≫ Mandrake Linux Corporate Server Version4.0 Editionx86_64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.59% | 0.919 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.5 | 6.8 | 10 |
AV:N/AC:M/Au:S/C:C/I:C/A:C
|
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://secunia.com/advisories/33937
http://support.apple.com/kb/HT3438
http://secunia.com/advisories/30161
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://secunia.com/advisories/24889
http://www.novell.com/linux/security/advisories/2007_6_sr.html
http://issues.foresightlinux.org/browse/FL-223
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
http://rhn.redhat.com/errata/RHSA-2007-0125.html
http://secunia.com/advisories/24741
http://secunia.com/advisories/24745
http://secunia.com/advisories/24756
http://secunia.com/advisories/24758
http://secunia.com/advisories/24765
http://secunia.com/advisories/24771
http://secunia.com/advisories/24791
http://secunia.com/advisories/25004
http://secunia.com/advisories/25305
http://www.debian.org/security/2007/dsa-1294
http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
http://www.novell.com/linux/security/advisories/2007_27_x.html
http://www.openbsd.org/errata39.html#021_xorg
http://www.openbsd.org/errata40.html#011_xorg
http://www.redhat.com/support/errata/RHSA-2007-0126.html
http://www.securityfocus.com/archive/1/464686/100/0/threaded
http://www.securityfocus.com/archive/1/464816/100/0/threaded
http://www.securityfocus.com/bid/23300
http://www.vupen.com/english/advisories/2007/1217
https://issues.rpath.com/browse/RPL-1213
http://secunia.com/advisories/24770
http://secunia.com/advisories/24772
http://secunia.com/advisories/25006
http://secunia.com/advisories/25195
http://secunia.com/advisories/25216
http://security.gentoo.org/glsa/glsa-200705-10.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
http://www.securitytracker.com/id?1017857
http://www.ubuntu.com/usn/usn-448-1
http://www.vupen.com/english/advisories/2007/1548
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
http://secunia.com/advisories/24768
http://secunia.com/advisories/24776
http://secunia.com/advisories/24885
http://secunia.com/advisories/24921
http://secunia.com/advisories/24996
http://secunia.com/advisories/25096
http://secunia.com/advisories/25495
http://secunia.com/advisories/28333
http://security.gentoo.org/glsa/glsa-200705-02.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
http://sourceforge.net/project/shownotes.php?release_id=498954
http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
http://www.debian.org/security/2008/dsa-1454
http://www.mandriva.com/security/advisories?name=MDKSA-2007:081
http://www.redhat.com/support/errata/RHSA-2007-0132.html
http://www.redhat.com/support/errata/RHSA-2007-0150.html
http://www.securityfocus.com/bid/23283
http://www.securityfocus.com/bid/23402
http://www.trustix.org/errata/2007/0013/
http://www.vupen.com/english/advisories/2007/1264
https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810