CVE-2007-1352

12 documents8 sources

Severity

3.8LOW

EPSS

1.7%

top 17.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Multi Network Firewall Openbsd Openbsd Redhat Enterprise Linux +9 more

Timeline

PublishedApr 6

Latest updateMay 1

Description

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

CVSS vector

AV:A/AC:M/C:N/I:P/A:PExploitability: 4.4 | Impact: 4.9

Affected Packages11 packages

▶Debianlibxfont< 1:1.2.2-2+3

▶NVDx.org/libxfont1.2.2

▶NVDrpath/linux1

▶NVDredhat/linux9.0

▶NVDopenbsd/openbsd3.9, 4.0+1

Also affects: Ubuntu Linux 4.1, 5.10, 6.06_lts, 6.10, Enterprise Linux 2.1, 3.0, 4.0

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-75c4-gh94-3wrw: Integer overflow in the FontFileInitTable function in X↗2022-05-01

▶

CVEList

CVE-2007-1352: Integer overflow in the FontFileInitTable function in X↗2007-04-06

▶

OSV

CVE-2007-1352: Integer overflow in the FontFileInitTable function in X↗2007-04-06

▶

📋Vendor Advisories

Red Hat

Multiple font integer overflows (CVE-2007-1352)↗2007-04-03

▶

Ubuntu

X.org vulnerabilities↗2007-04-03

▶

Red Hat

Multiple font integer overflows (CVE-2007-1352)↗2007-04-03

▶

Debian

CVE-2007-1352: libxfont - Integer overflow in the FontFileInitTable function in X.Org libXfont before 2007...↗2007

▶

💬Community

Bugzilla

CVE-2007-1351 Multiple font integer overflows (CVE-2007-1352)↗2007-04-04

▶

Bugzilla

CVE-2007-1351 Multiple font integer overflows (CVE-2007-1352)↗2007-03-26

▶

Bugzilla

CVE-2007-1351 Multiple font integer overflows (CVE-2007-1352)↗2007-03-26

▶

Bugzilla

CVE-2007-1351 Multiple font integer overflows (CVE-2007-1352)↗2007-03-26

▶