CVE-2008-0006
published 2008-01-18CVE-2008-0006: Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libxfont | < libxfont 1:1.3.1-2 (bookworm) | libxfont 1:1.3.1-2 (bookworm) |
| debian | xorg-server | < libxfont 1:1.3.1-2 (bookworm) | libxfont 1:1.3.1-2 (bookworm) |
| x.org | libxfont | >= 0 < 1:1.3.1-2 | 1:1.3.1-2 |
| x.org | libxfont | >= 0 < 1:1.3.1-2 | 1:1.3.1-2 |
| x.org | libxfont | >= 0 < 1:1.3.1-2 | 1:1.3.1-2 |
| x.org | libxfont | >= 0 < 1:1.3.1-2 | 1:1.3.1-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xserver | <= 1.4 | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH