CVE-2015-1803
published 2015-03-20

Priority P343, high, 8.5 (CVSS 2.0)
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS: 4.90% (91.0th percentile)
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.

Affected

12 ranges
Vendor | Product | Version range | Fixed in
canonical | ubuntu_linux | |
canonical | ubuntu_linux | |
canonical | ubuntu_linux | |
canonical | ubuntu_linux | |
debian | debian_linux | |
debian | libxfont | < libxfont 1:1.5.1-1 (bookworm) | libxfont 1:1.5.1-1 (bookworm)
x.org | libxfont | >= 0 < 1:1.5.1-1 | 1:1.5.1-1
x.org | libxfont | >= 0 < 1:1.5.1-1 | 1:1.5.1-1
x.org | libxfont | >= 0 < 1:1.5.1-1 | 1:1.5.1-1
x.org | libxfont | >= 0 < 1:1.5.1-1 | 1:1.5.1-1
x | libxfont | <= 1.4.8 |
x | libxfont | |

CVSS provenance

nvd: v2.0, 8.5 HIGH, AV:N/AC:M/Au:S/C:C/I:C/A:C
osv: 8.5 HIGH
vendor_debian: 8.5 HIGH
vendor_redhat: 8.5 HIGH