CVE-2007-1351

🗓️ 06 Apr 2007 01:00:00Reported by redhatType

Integer overflow in bdfReadCharacters function in X.Org libXfont and freetype allows code execution via crafted BDF fonts

Reporter	Title	Published	Views	Family All 101
Tenable Nessus	CentOS 3 : XFree86 (CESA-2007:0125)	5 Apr 200700:00	–	nessus
Tenable Nessus	CentOS 4 : xorg (CESA-2007:0126)	10 Apr 200700:00	–	nessus
Tenable Nessus	CentOS 3 / 4 / 5 : freetype (CESA-2007:0150)	19 Apr 200700:00	–	nessus
Tenable Nessus	Debian DSA-1294-1 : xfree86 - several vulnerabilities	20 May 200700:00	–	nessus
Tenable Nessus	Debian DSA-1454-1 : freetype - integer overflow	8 Jan 200800:00	–	nessus
Tenable Nessus	GLSA-200705-02 : FreeType: User-assisted execution of arbitrary code	2 May 200700:00	–	nessus
Tenable Nessus	GLSA-200705-10 : LibXfont, TightVNC: Multiple vulnerabilities	10 May 200700:00	–	nessus
Tenable Nessus	Mac OS X Multiple Vulnerabilities (Security Update 2009-001)	13 Feb 200900:00	–	nessus
Tenable Nessus	Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2007:079-1)	5 Apr 200700:00	–	nessus
Tenable Nessus	Mandrake Linux Security Advisory : tightvnc (MDKSA-2007:080-1)	5 Apr 200700:00	–	nessus

NVD

Node

ubuntu ubuntu_linuxMatch5.10amd64

ubuntu ubuntu_linuxMatch5.10i386

ubuntu ubuntu_linuxMatch5.10powerpc

ubuntu ubuntu_linuxMatch5.10sparc

ubuntu ubuntu_linuxMatch6.06_ltsamd64

ubuntu ubuntu_linuxMatch6.06_ltsi386

ubuntu ubuntu_linuxMatch6.06_ltspowerpc

ubuntu ubuntu_linuxMatch6.06_ltssparc

ubuntu ubuntu_linuxMatch6.10amd64

ubuntu ubuntu_linuxMatch6.10i386

ubuntu ubuntu_linuxMatch6.10powerpc

ubuntu ubuntu_linuxMatch6.10sparc

Node

x.org libxfontMatch1.2.2

xfree86_project x11r6Match4.3.0

xfree86_project x11r6Match4.3.0.1

xfree86_project x11r6Match4.3.0.2

Node

rpath rpath_linuxMatch1

Node

redhat enterprise_linuxMatch2.1advanced_server

redhat enterprise_linuxMatch2.1advanced_server_ia64

redhat enterprise_linuxMatch2.1enterprise_server

redhat enterprise_linuxMatch2.1enterprise_server_ia64

redhat enterprise_linuxMatch2.1workstation

redhat enterprise_linuxMatch2.1workstation_ia64

redhat enterprise_linuxMatch3.0advanced_servers

redhat enterprise_linuxMatch3.0enterprise_server

redhat enterprise_linuxMatch3.0workstation

redhat enterprise_linuxMatch4.0advanced_server

redhat enterprise_linuxMatch4.0enterprise_server

redhat enterprise_linuxMatch4.0workstation

redhat enterprise_linuxMatch5.0desktop

redhat enterprise_linuxMatch5.0desktop_workstation

redhat enterprise_linuxMatch5.0server

redhat enterprise_linux_desktopMatch3.0

redhat enterprise_linux_desktopMatch4.0

redhat linux_advanced_workstationMatch2.1ia64

redhat linux_advanced_workstationMatch2.1itanium

Node

openbsd openbsdMatch3.9

openbsd openbsdMatch4.0

Node

mandrakesoft mandrake_linuxMatch2007

mandrakesoft mandrake_linuxMatch2007x86_64

mandrakesoft mandrake_linux_corporate_serverMatch3.0

mandrakesoft mandrake_linux_corporate_serverMatch3.0x86_64

mandrakesoft mandrake_linux_corporate_serverMatch4.0

mandrakesoft mandrake_linux_corporate_serverMatch4.0x86_64

AND

mandrakesoft mandrake_multi_network_firewallMatch2.0

Source	Link
novell	www.novell.com/linux/security/advisories/2007_27_x.html
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810
lists	www.lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/33417
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
redhat	www.redhat.com/support/errata/RHSA-2007-0126.html
openbsd	www.openbsd.org/errata39.html
secunia	www.secunia.com/advisories/25004
securityfocus	www.securityfocus.com/bid/23283
secunia	www.secunia.com/advisories/25216

23 Apr 2026 00:35Current

7.7High risk

Vulners AI Score7.7

CVSS 28.5

EPSS0.07768

CWE-189