9.3

CVE-2011-2895

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreetypeFreetype Version2.1.9
XLibxfont Version <= 1.4.3
XLibxfont Version1.2.0
XLibxfont Version1.2.1
XLibxfont Version1.2.2
XLibxfont Version1.2.3
XLibxfont Version1.2.4
XLibxfont Version1.2.5
XLibxfont Version1.2.6
XLibxfont Version1.2.7
XLibxfont Version1.2.8
XLibxfont Version1.2.9
XLibxfont Version1.3.0
XLibxfont Version1.3.1
XLibxfont Version1.3.2
XLibxfont Version1.3.3
XLibxfont Version1.3.4
XLibxfont Version1.4.0
XLibxfont Version1.4.1
XLibxfont Version1.4.2
OpenbsdOpenbsd Version <= 3.7
OpenbsdOpenbsd Version2.0
OpenbsdOpenbsd Version2.1
OpenbsdOpenbsd Version2.2
OpenbsdOpenbsd Version2.3
OpenbsdOpenbsd Version2.4
OpenbsdOpenbsd Version2.5
OpenbsdOpenbsd Version2.6
OpenbsdOpenbsd Version2.7
OpenbsdOpenbsd Version2.8
OpenbsdOpenbsd Version2.9
OpenbsdOpenbsd Version3.0
OpenbsdOpenbsd Version3.1
OpenbsdOpenbsd Version3.2
OpenbsdOpenbsd Version3.3
OpenbsdOpenbsd Version3.4
OpenbsdOpenbsd Version3.5
OpenbsdOpenbsd Version3.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.36% 0.942
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://support.apple.com/kb/HT5130
http://secunia.com/advisories/48951
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://support.apple.com/kb/HT5281
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Patch
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
Patch
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
Patch
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
http://secunia.com/advisories/45544
Vendor Advisory
http://secunia.com/advisories/45568
Vendor Advisory
http://secunia.com/advisories/45599
Vendor Advisory
http://secunia.com/advisories/45986
http://secunia.com/advisories/46127
http://securitytracker.com/id?1025920
http://www.debian.org/security/2011/dsa-2293
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
http://www.openwall.com/lists/oss-security/2011/08/10/10
http://www.redhat.com/support/errata/RHSA-2011-1154.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1155.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1161.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1834.html
http://www.securityfocus.com/bid/49124
http://www.ubuntu.com/usn/USN-1191-1
https://bugzilla.redhat.com/show_bug.cgi?id=725760
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=727624
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
https://support.apple.com/HT205635
https://support.apple.com/HT205637
https://support.apple.com/HT205640
https://support.apple.com/HT205641