8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
86.7%
03/20/2015
Critical
Improper type conversion and bitmaps handling was found in X.Org libXfont. By exploiting this vulnerability malicious users can execute arbitrary code or cause denial of service. This vulnerability can be exploited remotely via a specially designed BDF font file.
X.Org libXfont versions earlier than 1.4.9
X.Org libXfont 1.5 versions earlier than 1.5.1
Update to latest version!
Get libXfont
ACE
CVE-2015-18048.5Critical
CVE-2015-18038.5Critical
CVE-2015-18028.5Critical
cgit.freedesktop.org/xorg/lib/libXfont/
lists.x.org/archives/xorg-announce/2015-March/002550.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/libXfont/