Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:820006
HistoryDec 07, 2004 - 12:00 a.m.

XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file

2004-12-0700:00:00
www.kb.cert.org
26

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.033 Low

EPSS

Percentile

91.3%

JSON

Overview

XFree86 contains a vulnerability in the parsing of the ‘fonts.alias’ file, which could be exploited by a local user to execute arbitrary code with elevated privileges.

Description

XFree86 contains a flaw during the processing of the ‘fonts.alias’ file. XFree86 is an implementation of the X Window System. The ‘fonts.alias’ file is used to map new names to existing fonts and must be placed in any directory of the font-path. When reading user input from the file it stores the user supplied data for the font directory in a fixed-length buffer. It fails to check the length of the user input, leading to a buffer overflow condition.

Impact

A local authenticated user may craft a ‘fonts.alias’ file to exploit this buffer overflow vulnerability, leading to execution of arbitrary code with root privileges. The local user must have privileges to write to one of the directories in the font-path to exploit this vulnerability.

Solution

Upgrade or Patch

This issue is resolved in XFree86 4.3.0.2. Upgrade or apply patches as specified by your vendor.

Vendor Information

820006

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Gentoo __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see GLSA 200402-02

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

IBM Corporation __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see IBM Support Document IY53508

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Mandriva, Inc. __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see CLSA-2004:821

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Mandriva, Inc. __ Affected

Notified: August 23, 2004 Updated: December 07, 2004

Status

Affected

Vendor Statement

MDKSA-2004:012 fixes both of these vulnerabilities.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The MDKSA-2004:012 advisory refers to both this vulnerability and VU#667502

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Red Hat, Inc. __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see RHSA-2004-059, RHSA-2004-060, and RHSA-2004-061

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

SCO __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see SCOSA-2004.2

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

SGI __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see SGI Advanced Linux Environment security update #12

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

SUSE Linux __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see SuSE-SA:2004-006

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Slackware __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see SSA:2004-043

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Sun Microsystems, Inc. __ Affected

Updated: October 26, 2005

Status

Affected

Vendor Statement

Sun confirms that the XFree86 vulnerabilities described in CERT Vulnerability Notes VU#667502 and VU#820006 affect the following versions of Solaris:

Solaris 7, 8, and 9

Solaris 10 is not impacted by these vulnerabilities. Sun has released Sun Alert 57768 which describes the Solaris specific impact, contributing factors, workaround options, and resolution. The Sun Alert is available here:

<http://sunsolve.Sun.COM/search/document.do?assetkey=1-26-57768-1&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

TurboLinux __ Affected

Updated: December 07, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see TLSA-2004-5

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Apple Computer, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Avaya __ Unknown

Updated: June 06, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Berkeley Software Design, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Cray Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Debian Linux __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

EMC Corporation __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Engarde __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

FreeBSD, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Fujitsu __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Hewlett-Packard Company __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Hitachi __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Immunix __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Ingrian Networks, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Juniper Networks, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

MontaVista Software, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

NEC Corporation __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

NETBSD __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Nokia __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Novell, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

OpenBSD __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Openwall GNU/*/Linux __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Sequent Computer Systems, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Sony Corporation __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Unisys __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

Wind River Systems, Inc. __ Unknown

Updated: December 07, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23820006 Feedback>).

View all 36 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was reported by Greg MacManus.

This document was written by Will Dormann.

Other Information

CVE IDs: CVE-2004-0083
Severity Metric: 9.62 Date Public:

Related

gentoo 1
securityvulns 3
openvas 12
nessus 11
redhat 2
ubuntucve 3
cve 3
slackware 1
freebsd 2
suse 1
debian 1
osv 1
gentoo
gentoo
XFree86 Font Information File Buffer Overflow
2004-02-11 00:00:00
securityvulns
securityvulns
iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow
2004-02-11 00:00:00
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200402-02 (200402-02)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200402-02 (200402-02)
2008-09-24 00:00:00
FreeBSD Ports: XFree86-Server
2008-09-04 00:00:00
nessus
nessus
GLSA-200402-02 : XFree86 Font Information File Buffer Overflow
2004-08-30 00:00:00
RHEL 3 : XFree86 (RHSA-2004:061)
2004-07-06 00:00:00
SuSE-SA:2004:006: xf86/XFree86
2004-07-25 00:00:00
redhat
redhat
(RHSA-2004:061) XFree86 security update
2004-02-16 00:00:00
(RHSA-2004:060) XFree86 security update
2004-02-13 00:00:00
ubuntucve
ubuntucve
CVE-2004-0083
2004-03-03 00:00:00
CVE-2004-0106
2004-03-03 00:00:00
CVE-2004-0084
2004-03-03 00:00:00
cve
cve
CVE-2004-0083
2004-03-03 05:00:00
CVE-2004-0084
2004-03-03 05:00:00
CVE-2004-0106
2004-03-03 05:00:00
slackware
slackware
XFree86 security update
2004-02-12 12:19:25
freebsd
freebsd
Buffer overflows in XFree86 servers
2004-02-10 00:00:00
linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-09-27 00:00:00
suse
suse
local privilege escalation in xf86/XFree86
2004-02-23 16:37:48
debian
debian
[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities
2004-02-20 06:58:37
osv
osv
xfree86 - several vulnerabilities
2004-02-19 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.033 Low

EPSS

Percentile

91.3%

JSON
Related for VU:820006
gentoo1securityvulns3openvas12nessus11redhat2ubuntucve3cve3slackware1freebsd2suse1debian1osv1