KLA10478 Denial of service vulnerability in X.Org libXfont

2015-03-20T00:00:00
ID KLA10478
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

03/20/2015

Severity:

Critical

Description:

Improper type conversion and bitmap handling were found in X.Org libXfont. By exploiting this vulnerability, malicious users can execute arbitrary code or cause a denial of service. This vulnerability can be exploited remotely via a specially crafted BDF font file.

Affected products:

X.Org libXfont versions earlier than 1.4.9
X.Org libXfont 1.5 versions earlier than 1.5.1

Solution:

Update to the latest version!
Get libXfont

Original advisories:

X.Org advisory

Impacts:

ACE

CVE-IDS:

CVE-2015-1804 8.5 Critical
CVE-2015-1803 8.5 Critical
CVE-2015-1802 8.5 Critical