8.5
CVE-2015-1804
- EPSS 2.44%
- Veröffentlicht 20.03.2015 14:59:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
X ≫ Libxfont Version <= 1.4.8
Canonical ≫ Ubuntu Linux Version10.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.10
Debian ≫ Debian Linux Version7.0
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.10
Debian ≫ Debian Linux Version7.0
X ≫ Libxfont Version1.5.0
Canonical ≫ Ubuntu Linux Version10.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.10
Debian ≫ Debian Linux Version7.0
Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version14.10
Debian ≫ Debian Linux Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.44% | 0.847 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.5 | 6.8 | 10 |
AV:N/AC:M/Au:S/C:C/I:C/A:C
|