X Window 4.0/4.1/4.2 System Oversized Font DoS

ID EDB-ID:21518
Type exploitdb
Reporter Tom Vogt
Modified 2002-06-10T00:00:00


X Window 4.0/4.1/4.2 System Oversized Font DoS. Dos exploit for linux platform

                                            source: http://www.securityfocus.com/bid/4966/info

X Window System behaves unpredictably when handling an overly large font size. If an attacker can pass an overly large font size to X Window System, it is possible to cause a denial of service condition.

Remote exploitation of this issue is possible via web clients or other applications which do not check that the font size is sane before passing it to the X Window System. This is reported to be a problem with xfs (X Font Server) and the libXfont component.

This is reported to affect various X Window System implementations, including XFree86.

Include a huge font size in your style sheet definition, e.g.:
body { font-size: 1666666px; }