Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-0006HistoryJan 18, 2008 - 11:00 p.m.
CVE-2008-0006
2008-01-1823:00:00
Debian Security Bug Tracker
security-tracker.debian.org
10
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.459 Medium
EPSS
Percentile
97.4%
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 11 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 10 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 999 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 13 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 12 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 11 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 10 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 999 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 13 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
Related
checkpoint_advisories
checkpoint_advisories
X.Org X Server PCF Font Parser Buffer Overflow (CVE-2008-0006)
2010-02-25 00:00:00
openvas
openvas
Fedora Update for libXfont FEDORA-2008-0891
2009-02-17 00:00:00
Fedora Update for libXfont FEDORA-2008-0794
2009-02-17 00:00:00
RedHat Update for libXfont RHSA-2008:0064-01
2009-03-06 00:00:00
oraclelinux
oraclelinux
Important: libXfont security update
2008-01-17 00:00:00
Important: XFree86 security update
2008-01-18 00:00:00
Important: xorg-x11 security update
2008-01-17 00:00:00
nessus
nessus
Scientific Linux Security Update : libXfont on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : libXfont (RHSA-2008:0064)
2008-01-18 00:00:00
Mandriva Linux Security Advisory : libxfont (MDVSA-2008:024)
2009-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: libXfont-1.2.9-3.fc7
2008-01-22 15:59:35
[SECURITY] Fedora 8 Update: libXfont-1.3.1-2.fc8
2008-01-22 15:40:24
[SECURITY] Fedora 7 Update: xorg-x11-server-1.3.0.0-15.fc7
2008-01-22 15:49:43
cve
cve
CVE-2008-0006
2008-01-18 23:00:00
centos
centos
libXfont security update
2008-01-18 23:25:10
XFree86 security update
2008-01-18 15:04:04
XFree86 security update
2008-01-20 22:56:55
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:21:00
cert
cert
X.Org PCF font parser buffer overflow
2008-03-19 00:00:00
prion
prion
Buffer overflow
2008-01-18 23:00:00
redhat
redhat
(RHSA-2008:0064) Important: libXfont security update
2008-01-17 00:00:00
(RHSA-2008:0029) Important: XFree86 security update
2008-01-18 00:00:00
(RHSA-2008:0030) Important: xorg-x11 security update
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2008-0006
2008-01-18 00:00:00
jvn
jvn
JVN#88935101: X.Org Foundation X server buffer overflow vulnerability
2008-06-10 00:00:00
altlinux
altlinux
securityvulns
securityvulns
XFree86 / X.Org / NX multiple security vulnerabilities
2008-04-08 00:00:00
[USN-571-1] X.org vulnerabilities
2008-01-20 00:00:00
debian
debian
[SECURITY] [DSA 1466-3] New xfree86 packages fix regression
2008-01-21 18:53:21
[SECURITY] [DSA 1466-2] New xorg-server packages fix regression
2008-01-19 13:10:16
suse
suse
remote code execution in Xorg and XFree
2008-01-17 15:28:59
ubuntu
ubuntu
X.org regression
2008-01-19 00:00:00
X.org vulnerabilities
2008-01-18 00:00:00
freebsd
freebsd
xorg -- multiple vulnerabilities
2008-01-18 00:00:00
osv
osv
libxfont xfree86 xorg-server - several vulnerabilities
2008-01-21 00:00:00
gentoo
gentoo
X.Org X server and Xfont library: Multiple vulnerabilities
2008-01-20 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.459 Medium
EPSS
Percentile
97.4%
Related for DEBIANCVE:CVE-2008-0006