CVE-2001-0955Improper Restriction of Operations within the Bounds of a Memory Buffer in Project X11r6

3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 76.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Xfree86 Project X11r6
Timeline
PublishedSep 22
Latest updateApr 30

Description

Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDxfree86_project/x11r64.0, 4.0.1, 4.0.3+2

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-v8xr-r568-8jxh: Buffer overflow in fbglyph2022-04-30
CVEList
CVE-2001-0955: Buffer overflow in fbglyph2002-02-02
CVE-2001-0955 — Xfree86 Project X11r6 vulnerability | cvebase