{"id": "UBUNTU_USN-2211-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)", "description": "Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-05-15T00:00:00", "modified": "2018-08-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=74022", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "type": "nessus", "lastseen": "2018-09-01T23:50:40", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxfont1", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "1c2bfcc0b9ad84f54e2910bbab7ef7f54e63411ab26a9efef420bec3798fd606", "hashmap": [{"hash": "30aa447e10e80ab7f138ae2a1794964f", "key": "cpe"}, {"hash": "5f9fd943c52284c377f38814cd95944f", "key": "pluginID"}, {"hash": "92e0b58c78d1ce72255380829e275c21", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "2608824fbff43bdc5929127828fd5d55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3e375d0e2dded50b7f540287af0a3cd2", "key": "sourceData"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "af55d304684a6b8cd57f9069646d5c11", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d82f7ac9b6bdc9ae855336dc72270cd6", "key": "href"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "af6cdfff6a32b741232b2871dbe0d47b", "key": "title"}, {"hash": "21fc9686c146fcf6b16f09134dff3269", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=74022", "id": "UBUNTU_USN-2211-1.NASL", "lastseen": "2018-08-05T11:56:57", "modified": "2018-08-03T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "74022", "published": "2014-05-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2211-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74022);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/08/03 12:21:24\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"USN\", value:\"2211-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ilja van Sprundel discovered that libXfont incorrectly handled font\nmetadata file parsing. A local attacker could use this issue to cause\nlibXfont to crash, or possibly execute arbitrary code in order to gain\nprivileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\nServer replies. A malicious font server could return specially crafted\ndata that could cause libXfont to crash, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.1-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.4-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.5-2ubuntu0.12.10.2\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.6-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.7-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxfont1\");\n}\n", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-05T11:56:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "a929b1c087bc94ce545e75f3f235b75a3be8cc72c9e3378d6a7d0d471fbc13f0", "hashmap": [{"hash": "c6e219b56aa27b9d5e255342817e79ea", "key": "sourceData"}, {"hash": "5f9fd943c52284c377f38814cd95944f", "key": "pluginID"}, {"hash": "92e0b58c78d1ce72255380829e275c21", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "2608824fbff43bdc5929127828fd5d55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "ddab325b78ee84639dc78b61e4febc39", "key": "modified"}, {"hash": "af55d304684a6b8cd57f9069646d5c11", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d82f7ac9b6bdc9ae855336dc72270cd6", "key": "href"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "af6cdfff6a32b741232b2871dbe0d47b", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=74022", "id": "UBUNTU_USN-2211-1.NASL", "lastseen": "2016-09-26T17:24:57", "modified": "2016-05-24T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "74022", "published": "2014-05-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2211-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74022);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/24 17:29:03 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_osvdb_id(106970, 106971, 106972, 106973, 106974, 106975, 106976, 106977, 106978, 106979, 106980, 106981);\n script_xref(name:\"USN\", value:\"2211-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ilja van Sprundel discovered that libXfont incorrectly handled font\nmetadata file parsing. A local attacker could use this issue to cause\nlibXfont to crash, or possibly execute arbitrary code in order to gain\nprivileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\nServer replies. A malicious font server could return specially crafted\ndata that could cause libXfont to crash, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2016 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.1-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.4-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.5-2ubuntu0.12.10.2\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.6-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.7-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxfont1\");\n}\n", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxfont1", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "22865091f8c32be032936e0e19b9d7985c1ef86df2f7310cedee4324951cb596", "hashmap": [{"hash": "30aa447e10e80ab7f138ae2a1794964f", "key": "cpe"}, {"hash": "c6e219b56aa27b9d5e255342817e79ea", "key": "sourceData"}, {"hash": "5f9fd943c52284c377f38814cd95944f", "key": "pluginID"}, {"hash": "92e0b58c78d1ce72255380829e275c21", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "2608824fbff43bdc5929127828fd5d55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "ddab325b78ee84639dc78b61e4febc39", "key": "modified"}, {"hash": "af55d304684a6b8cd57f9069646d5c11", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d82f7ac9b6bdc9ae855336dc72270cd6", "key": "href"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "af6cdfff6a32b741232b2871dbe0d47b", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=74022", "id": "UBUNTU_USN-2211-1.NASL", "lastseen": "2017-10-29T13:39:21", "modified": "2016-05-24T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "74022", "published": "2014-05-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2211-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74022);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/24 17:29:03 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_osvdb_id(106970, 106971, 106972, 106973, 106974, 106975, 106976, 106977, 106978, 106979, 106980, 106981);\n script_xref(name:\"USN\", value:\"2211-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ilja van Sprundel discovered that libXfont incorrectly handled font\nmetadata file parsing. A local attacker could use this issue to cause\nlibXfont to crash, or possibly execute arbitrary code in order to gain\nprivileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\nServer replies. A malicious font server could return specially crafted\ndata that could cause libXfont to crash, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2016 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.1-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.4-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.5-2ubuntu0.12.10.2\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.6-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.7-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxfont1\");\n}\n", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:39:21"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxfont1", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "2257d0970933cc5934487514e398cdbe0ddd2117946d6396788e154d3d658cf2", "hashmap": [{"hash": "30aa447e10e80ab7f138ae2a1794964f", "key": "cpe"}, {"hash": "5f9fd943c52284c377f38814cd95944f", "key": "pluginID"}, {"hash": "92e0b58c78d1ce72255380829e275c21", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "2608824fbff43bdc5929127828fd5d55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3e375d0e2dded50b7f540287af0a3cd2", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "af55d304684a6b8cd57f9069646d5c11", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d82f7ac9b6bdc9ae855336dc72270cd6", "key": "href"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "af6cdfff6a32b741232b2871dbe0d47b", "key": "title"}, {"hash": "21fc9686c146fcf6b16f09134dff3269", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=74022", "id": "UBUNTU_USN-2211-1.NASL", "lastseen": "2018-08-30T19:44:27", "modified": "2018-08-03T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "74022", "published": "2014-05-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2211-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74022);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/08/03 12:21:24\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"USN\", value:\"2211-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ilja van Sprundel discovered that libXfont incorrectly handled font\nmetadata file parsing. A local attacker could use this issue to cause\nlibXfont to crash, or possibly execute arbitrary code in order to gain\nprivileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\nServer replies. A malicious font server could return specially crafted\ndata that could cause libXfont to crash, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.1-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.4-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.5-2ubuntu0.12.10.2\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.6-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.7-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxfont1\");\n}\n", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:44:27"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "30aa447e10e80ab7f138ae2a1794964f"}, {"key": "cvelist", "hash": "2608824fbff43bdc5929127828fd5d55"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "af55d304684a6b8cd57f9069646d5c11"}, {"key": "href", "hash": "d82f7ac9b6bdc9ae855336dc72270cd6"}, {"key": "modified", "hash": "21fc9686c146fcf6b16f09134dff3269"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "5f9fd943c52284c377f38814cd95944f"}, {"key": "published", "hash": "92e0b58c78d1ce72255380829e275c21"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "3e375d0e2dded50b7f540287af0a3cd2"}, {"key": "title", "hash": "af6cdfff6a32b741232b2871dbe0d47b"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "1c2bfcc0b9ad84f54e2910bbab7ef7f54e63411ab26a9efef420bec3798fd606", "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2211-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74022);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/08/03 12:21:24\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"USN\", value:\"2211-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxfont vulnerabilities (USN-2211-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ilja van Sprundel discovered that libXfont incorrectly handled font\nmetadata file parsing. A local attacker could use this issue to cause\nlibXfont to crash, or possibly execute arbitrary code in order to gain\nprivileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\nServer replies. A malicious font server could return specially crafted\ndata that could cause libXfont to crash, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxfont1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.1-1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.4-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.5-2ubuntu0.12.10.2\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libxfont1\", pkgver:\"1:1.4.6-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxfont1\", pkgver:\"1:1.4.7-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxfont1\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "74022", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxfont1", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"]}

{"f5": [{"lastseen": "2016-09-26T17:23:24", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\n**ARX**\n\nTo mitigate this vulnerability, do not use X Windows environments when connecting to the ARX command line. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2015-02-12T00:00:00", "title": "SOL16118 - libXfont vulnerabilities CVE-2014-0209, CVE-2014-0210 and CVE-2014-0211", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "ARX", "version": "6.4.0", "operator": "le"}], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2015-02-12T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/100/sol16118.html", "id": "SOL16118", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-12T02:11:03", "references": [], "edition": 1, "description": " \n\n\n[CVE-2014-0209](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0209>)\n\nMultiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.\n\n[CVE-2014-0210](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0210>)\n\nMultiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.\n\n[CVE-2014-0211](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0211>)\n\nMultiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.\n\nImpact \n\n\nA malicious X.org server may cause an X client to crash (CVE-2014-0210 and CVE-2014-0211), or possibly execute arbitrary code with the privileges of the X.org server (CVE-2014-0209, CVE-2014-0210, and CVE-2014-0211).\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n**ARX**\n\nTo mitigate this vulnerability, do not use X Windows environments when connecting to the ARX command line. \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "reporter": "f5", "published": "2015-02-13T07:24:00", "title": "libXfont vulnerabilities CVE-2014-0209, CVE-2014-0210 and CVE-2014-0211", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "ARX", "version": "6.4.0", "operator": "le"}], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2016-01-09T02:19:00", "href": "https://support.f5.com/csp/article/K16118", "id": "F5:K16118", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2017-04-18T15:54:22", "references": ["http://lists.x.org/archives/xorg-announce/2014-May/002431.html", "http://advisories.mageia.org/MGASA-2014-0278.html", "http://www.ubuntu.com/usn/USN-2211-1", "http://secunia.com/advisories/59154", "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "http://seclists.org/fulldisclosure/2014/Dec/23", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:145", "http://lists.opensuse.org/opensuse-updates/2014-05/msg00073.html", "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "http://rhn.redhat.com/errata/RHSA-2014-1893.html", "http://www.securityfocus.com/bid/67382", "http://www.debian.org/security/2014/dsa-2927", "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded"], "edition": 2, "description": "Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.", "reporter": "NVD", "published": "2014-05-15T10:55:07", "title": "CVE-2014-0210", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-0210"], "scanner": [], "modified": "2017-01-06T21:59:20", "cpe": ["cpe:/a:x:libxfont:1.2.9", "cpe:/a:x:libxfont:1.3.4", "cpe:/a:x:libxfont:1.3.3", "cpe:/a:x:libxfont:1.4.3", "cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~", "cpe:/a:x:libxfont:1.4.7", "cpe:/a:x:libxfont:1.4.99", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/a:x:libxfont:1.4.4", "cpe:/a:x:libxfont:1.2.3", "cpe:/a:x:libxfont:1.3.0", "cpe:/a:x:libxfont:1.2.8", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/a:x:libxfont:1.2.6", "cpe:/a:x:libxfont:1.2.4", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/a:x:libxfont:1.4.1", "cpe:/a:x:libxfont:1.4.5", "cpe:/a:x:libxfont:1.2.5", "cpe:/a:x:libxfont:1.3.2", "cpe:/a:x:libxfont:1.3.1", "cpe:/a:x:libxfont:1.4.0", "cpe:/a:x:libxfont:1.4.6", "cpe:/a:x:libxfont:1.2.7", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/a:x:libxfont:1.4.2"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0210", "id": "CVE-2014-0210", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:54:22", "references": ["http://lists.x.org/archives/xorg-announce/2014-May/002431.html", "http://advisories.mageia.org/MGASA-2014-0278.html", "http://www.ubuntu.com/usn/USN-2211-1", "http://secunia.com/advisories/59154", "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "http://seclists.org/fulldisclosure/2014/Dec/23", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:145", "http://lists.opensuse.org/opensuse-updates/2014-05/msg00073.html", "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "http://rhn.redhat.com/errata/RHSA-2014-1893.html", "http://www.securityfocus.com/bid/67382", "http://www.debian.org/security/2014/dsa-2927", "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded"], "edition": 2, "description": "Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.", "reporter": "NVD", "published": "2014-05-15T10:55:07", "title": "CVE-2014-0209", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-0209"], "scanner": [], "modified": "2017-01-06T21:59:20", "cpe": ["cpe:/a:x:libxfont:1.2.9", "cpe:/a:x:libxfont:1.3.4", "cpe:/a:x:libxfont:1.3.3", "cpe:/a:x:libxfont:1.4.3", "cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~", "cpe:/a:x:libxfont:1.4.7", "cpe:/a:x:libxfont:1.4.99", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/a:x:libxfont:1.4.4", "cpe:/a:x:libxfont:1.2.3", "cpe:/a:x:libxfont:1.3.0", "cpe:/a:x:libxfont:1.2.8", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/a:x:libxfont:1.2.6", "cpe:/a:x:libxfont:1.2.4", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/a:x:libxfont:1.4.1", "cpe:/a:x:libxfont:1.4.5", "cpe:/a:x:libxfont:1.2.5", "cpe:/a:x:libxfont:1.3.2", "cpe:/a:x:libxfont:1.3.1", "cpe:/a:x:libxfont:1.4.0", "cpe:/a:x:libxfont:1.4.6", "cpe:/a:x:libxfont:1.2.7", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/a:x:libxfont:1.4.2"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0209", "id": "CVE-2014-0209", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:54:22", "references": ["http://lists.x.org/archives/xorg-announce/2014-May/002431.html", "http://advisories.mageia.org/MGASA-2014-0278.html", "http://www.ubuntu.com/usn/USN-2211-1", "http://secunia.com/advisories/59154", "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "http://seclists.org/fulldisclosure/2014/Dec/23", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:145", "http://lists.opensuse.org/opensuse-updates/2014-05/msg00073.html", "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "http://rhn.redhat.com/errata/RHSA-2014-1893.html", "http://www.securityfocus.com/bid/67382", "http://www.debian.org/security/2014/dsa-2927", "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded"], "edition": 2, "description": "Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.", "reporter": "NVD", "published": "2014-05-15T10:55:07", "title": "CVE-2014-0211", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-0211"], "scanner": [], "modified": "2017-01-06T21:59:20", "cpe": ["cpe:/a:x:libxfont:1.2.9", "cpe:/a:x:libxfont:1.3.4", "cpe:/a:x:libxfont:1.3.3", "cpe:/a:x:libxfont:1.4.3", "cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~", "cpe:/a:x:libxfont:1.4.7", "cpe:/a:x:libxfont:1.4.99", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/a:x:libxfont:1.4.4", "cpe:/a:x:libxfont:1.2.3", "cpe:/a:x:libxfont:1.3.0", "cpe:/a:x:libxfont:1.2.8", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/a:x:libxfont:1.2.6", "cpe:/a:x:libxfont:1.2.4", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/a:x:libxfont:1.4.1", "cpe:/a:x:libxfont:1.4.5", "cpe:/a:x:libxfont:1.2.5", "cpe:/a:x:libxfont:1.3.2", "cpe:/a:x:libxfont:1.3.1", "cpe:/a:x:libxfont:1.4.0", "cpe:/a:x:libxfont:1.4.6", "cpe:/a:x:libxfont:1.2.7", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/a:x:libxfont:1.4.2"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0211", "id": "CVE-2014-0211", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:25:57", "references": ["https://rhn.redhat.com/errata/RHSA-2014-1870.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-1.4.5-4.el6_6.src.rpm", "packageName": "libXfont", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "packageFilename": "libXfont-1.4.7-2.el7_0.i686.rpm", "packageName": "libXfont", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.x86_64.rpm", "packageName": "libXfont-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.i686.rpm", "packageName": "libXfont-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-1.4.5-4.el6_6.x86_64.rpm", "packageName": "libXfont", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "packageFilename": "libXfont-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.x86_64.rpm", "packageName": "libXfont-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "packageFilename": "libXfont-1.4.7-2.el7_0.src.rpm", "packageName": "libXfont", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "packageFilename": "libXfont-1.4.7-2.el7_0.x86_64.rpm", "packageName": "libXfont", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:1870\n\n\nThe libXfont packages provide the X.Org libXfont runtime library. X.Org is\nan open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-November/020768.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-November/020769.html\n\n**Affected packages:**\nlibXfont\nlibXfont-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1870.html", "edition": 1, "reporter": "CentOS Project", "published": "2014-11-18T14:18:34", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "libXfont security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-11-18T18:33:30", "href": "http://lists.centos.org/pipermail/centos-announce/2014-November/020768.html", "id": "CESA-2014:1870", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:26:00", "references": ["https://rhn.redhat.com/errata/RHSA-2014-1893.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.src.rpm", "packageName": "libXfont", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:1893\n\n\nThe libXfont packages provide the X.Org libXfont runtime library. X.Org is\nan open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-November/020782.html\n\n**Affected packages:**\nlibXfont\nlibXfont-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1893.html", "edition": 1, "reporter": "CentOS Project", "published": "2014-11-25T11:10:27", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "libXfont security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-11-25T11:10:27", "href": "http://lists.centos.org/pipermail/centos-announce/2014-November/020782.html", "id": "CESA-2014:1893", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:39:03", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1096597", "http://www.nessus.org/u?62e87a90", "https://bugzilla.redhat.com/show_bug.cgi?id=1096601", "https://bugzilla.redhat.com/show_bug.cgi?id=1096593"], "pluginID": "76514", "description": "- libXfont 1.4.8 (rhbz#1100441)\n\n - Fixes: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211 (rhbz#1097397)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2014-07-16T00:00:00", "title": "Fedora 20 : libXfont-1.4.8-1.fc20 (2014-8208)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2015-10-19T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:libXfont"], "id": "FEDORA_2014-8208.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76514", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8208.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76514);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:40:33 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"FEDORA\", value:\"2014-8208\");\n\n script_name(english:\"Fedora 20 : libXfont-1.4.8-1.fc20 (2014-8208)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - libXfont 1.4.8 (rhbz#1100441)\n\n - Fixes: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211\n (rhbz#1097397)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096601\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135401.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?62e87a90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libXfont package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"libXfont-1.4.8-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXfont\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:37:21", "references": ["http://www.nessus.org/u?92e7f65c", "http://www.nessus.org/u?d154d1e4"], "pluginID": "79313", "description": "Updated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libXfont packages provide the X.Org libXfont runtime library.\nX.Org is an open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues. Upstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.", "edition": 5, "reporter": "Tenable", "published": "2014-11-19T00:00:00", "title": "CentOS 6 / 7 : libXfont (CESA-2014:1870)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-07-02T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:libXfont", "p-cpe:/a:centos:centos:libXfont-devel"], "id": "CENTOS_RHSA-2014-1870.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79313", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1870 and \n# CentOS Errata and Security Advisory 2014:1870 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79313);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/02 18:48:53\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"RHSA\", value:\"2014:1870\");\n\n script_name(english:\"CentOS 6 / 7 : libXfont (CESA-2014:1870)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libXfont packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libXfont packages provide the X.Org libXfont runtime library.\nX.Org is an open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain\nfont files when attempting to add a new directory to the font path. A\nmalicious, local user could exploit this issue to potentially execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont\nparsed replies received from an X.org font server. A malicious X.org\nserver could cause an X client to crash or, possibly, execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these\nissues. Upstream acknowledges Ilja van Sprundel as the original\nreporter.\n\nUsers of libXfont should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All running X.Org\nserver instances must be restarted for the update to take effect.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2014-November/020768.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d154d1e4\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2014-November/020769.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92e7f65c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"libXfont-1.4.5-4.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libXfont-devel-1.4.5-4.el6_6\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfont-1.4.7-2.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libXfont-devel-1.4.7-2.el7_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:45:32", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1096597", "https://bugzilla.redhat.com/show_bug.cgi?id=1096601", "https://bugzilla.redhat.com/show_bug.cgi?id=1096593", "http://www.nessus.org/u?7251792d"], "pluginID": "76693", "description": "- libXfont 1.4.8 (rhbz#1100441)\n\n - Fixes: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211 (rhbz#1097397)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2014-07-23T00:00:00", "title": "Fedora 19 : libXfont-1.4.8-1.fc19 (2014-8223)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2015-10-19T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:libXfont"], "id": "FEDORA_2014-8223.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76693", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8223.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76693);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:40:33 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"FEDORA\", value:\"2014-8223\");\n\n script_name(english:\"Fedora 19 : libXfont-1.4.8-1.fc19 (2014-8223)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - libXfont 1.4.8 (rhbz#1100441)\n\n - Fixes: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211\n (rhbz#1097397)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096601\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135702.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7251792d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libXfont package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"libXfont-1.4.8-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXfont\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:35:51", "references": ["http://lists.x.org/archives/xorg-announce/2014-May/002431.html", "http://www.nessus.org/u?5e16ec1d"], "pluginID": "74004", "description": "Alan Coopersmith reports :\n\nIlja van Sprundel, a security researcher with IOActive, has discovered several issues in the way the libXfont library handles the responses it receives from xfs servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues.\n\nMost of these issues stem from libXfont trusting the font server to send valid protocol data, and not verifying that the values will not overflow or cause other damage. This code is commonly called from the X server when an X Font Server is active in the font path, so may be running in a setuid-root process depending on the X server in use.\nExploits of this path could be used by a local, authenticated user to attempt to raise privileges; or by a remote attacker who can control the font server to attempt to execute code with the privileges of the X server.", "edition": 4, "reporter": "Tenable", "published": "2014-05-14T00:00:00", "title": "FreeBSD : libXfont -- X Font Service Protocol and Font metadata file handling issues (b060ee50-daba-11e3-99f2-bcaec565249c)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2015-07-16T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:linux-f10-xorg-libs", "p-cpe:/a:freebsd:freebsd:linux-c6-xorg-libs", "p-cpe:/a:freebsd:freebsd:libXfont"], "id": "FREEBSD_PKG_B060EE50DABA11E399F2BCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74004", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2015 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74004);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/07/16 14:30:42 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n\n script_name(english:\"FreeBSD : libXfont -- X Font Service Protocol and Font metadata file handling issues (b060ee50-daba-11e3-99f2-bcaec565249c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alan Coopersmith reports :\n\nIlja van Sprundel, a security researcher with IOActive, has discovered\nseveral issues in the way the libXfont library handles the responses\nit receives from xfs servers, and has worked with X.Org's security\nteam to analyze, confirm, and fix these issues.\n\nMost of these issues stem from libXfont trusting the font server to\nsend valid protocol data, and not verifying that the values will not\noverflow or cause other damage. This code is commonly called from the\nX server when an X Font Server is active in the font path, so may be\nrunning in a setuid-root process depending on the X server in use.\nExploits of this path could be used by a local, authenticated user to\nattempt to raise privileges; or by a remote attacker who can control\nthe font server to attempt to execute code with the privileges of the\nX server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.x.org/archives/xorg-announce/2014-May/002431.html\"\n );\n # http://www.freebsd.org/ports/portaudit/b060ee50-daba-11e3-99f2-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e16ec1d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-xorg-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-xorg-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libXfont<1.4.7_3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-xorg-libs<7.4_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-xorg-libs>=*\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:34:22", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-November/004652.html", "https://oss.oracle.com/pipermail/el-errata/2014-November/004651.html"], "pluginID": "79371", "description": "From Red Hat Security Advisory 2014:1870 :\n\nUpdated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libXfont packages provide the X.Org libXfont runtime library.\nX.Org is an open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues. Upstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.", "edition": 5, "reporter": "Tenable", "published": "2014-11-21T00:00:00", "title": "Oracle Linux 6 / 7 : libXfont (ELSA-2014-1870)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:libXfont-devel", "p-cpe:/a:oracle:linux:libXfont", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2014-1870.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79371", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1870 and \n# Oracle Linux Security Advisory ELSA-2014-1870 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79371);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"RHSA\", value:\"2014:1870\");\n\n script_name(english:\"Oracle Linux 6 / 7 : libXfont (ELSA-2014-1870)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1870 :\n\nUpdated libXfont packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libXfont packages provide the X.Org libXfont runtime library.\nX.Org is an open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain\nfont files when attempting to add a new directory to the font path. A\nmalicious, local user could exploit this issue to potentially execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont\nparsed replies received from an X.org font server. A malicious X.org\nserver could cause an X client to crash or, possibly, execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these\nissues. Upstream acknowledges Ilja van Sprundel as the original\nreporter.\n\nUsers of libXfont should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All running X.Org\nserver instances must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-November/004651.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-November/004652.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libXfont-1.4.5-4.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libXfont-devel-1.4.5-4.el6_6\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfont-1.4.7-2.el7_0\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libXfont-devel-1.4.7-2.el7_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXfont / libXfont-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:34:13", "references": ["http://support.novell.com/security/cve/CVE-2014-0211.html", "http://support.novell.com/security/cve/CVE-2014-0209.html", "http://support.novell.com/security/cve/CVE-2014-0210.html", "https://bugzilla.novell.com/show_bug.cgi?id=857544"], "pluginID": "74463", "description": "xorg-x11-libs was patched to fix the following security issues :\n\n - Integer overflow of allocations in font metadata file parsing. (CVE-2014-0209)\n\n - libxfont not validating length fields when parsing xfs protocol replies. (CVE-2014-0210)\n\n - Integer overflows causing miscalculating memory needs for xfs replies. (CVE-2014-0211) Further information is available at http://lists.x.org/archives/xorg-announce/2014-May/00243 1.html .", "edition": 4, "reporter": "Tenable", "published": "2014-06-11T00:00:00", "title": "SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 9272)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-06-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:xorg-x11-libs-32bit", "p-cpe:/a:novell:suse_linux:11:xorg-x11-libs", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_XORG-X11-DEVEL-140515.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74463", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74463);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/11 15:40:02 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n\n script_name(english:\"SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 9272)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"xorg-x11-libs was patched to fix the following security issues :\n\n - Integer overflow of allocations in font metadata file\n parsing. (CVE-2014-0209)\n\n - libxfont not validating length fields when parsing xfs\n protocol replies. (CVE-2014-0210)\n\n - Integer overflows causing miscalculating memory needs\n for xfs replies. (CVE-2014-0211) Further information is\n available at\n http://lists.x.org/archives/xorg-announce/2014-May/00243\n 1.html .\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=857544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0209.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0210.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0211.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9272.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xorg-x11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xorg-x11-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xorg-x11-libs-7.4-8.26.42.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xorg-x11-libs-7.4-8.26.42.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xorg-x11-libs-32bit-7.4-8.26.42.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"xorg-x11-libs-7.4-8.26.42.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"xorg-x11-libs-32bit-7.4-8.26.42.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xorg-x11-libs-32bit-7.4-8.26.42.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:38:29", "references": ["http://www.nessus.org/u?b5f8def1", "http://www.nessus.org/u?cb0925c5"], "pluginID": "80823", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata. (CVE-2014-0209)\n\n - Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.\n (CVE-2014-0210)\n\n - Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. (CVE-2014-0211)", "edition": 4, "reporter": "Tenable", "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2015-01-19T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:xorg"], "id": "SOLARIS11_XORG_20141107_2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80823", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80823);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2015/01/19 15:24:31 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org2)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Multiple integer overflows in the (1) FontFileAddEntry\n and (2) lexAlias functions in X.Org libXfont before\n 1.4.8 and 1.4.9x before 1.4.99.901 might allow local\n users to gain privileges by adding a directory with a\n large fonts.dir or fonts.alias file to the font path,\n which triggers a heap-based buffer overflow, related to\n metadata. (CVE-2014-0209)\n\n - Multiple buffer overflows in X.Org libXfont before 1.4.8\n and 1.4.9x before 1.4.99.901 allow remote font servers\n to execute arbitrary code via a crafted xfs protocol\n reply to the (1) _fs_recv_conn_setup, (2)\n fs_read_open_font, (3) fs_read_query_info, (4)\n fs_read_extent_info, (5) fs_read_glyphs, (6)\n fs_read_list, or (7) fs_read_list_info function.\n (CVE-2014-0210)\n\n - Multiple integer overflows in the (1) fs_get_reply, (2)\n fs_alloc_glyphs, and (3) fs_read_extent_info functions\n in X.Org libXfont before 1.4.8 and 1.4.9x before\n 1.4.99.901 allow remote font servers to execute\n arbitrary code via a crafted xfs reply, which triggers a\n buffer overflow. (CVE-2014-0211)\"\n );\n # http://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5f8def1\"\n );\n # https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cb0925c5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.21.4.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:xorg\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^xorg$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xorg\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.21.0.4.1\", sru:\"SRU 11.1.21.4.1\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : xorg\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"xorg\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:05:39", "references": ["https://security-tracker.debian.org/tracker/CVE-2014-0210", "https://security-tracker.debian.org/tracker/CVE-2014-0209", "https://packages.debian.org/source/squeeze/libxfont", "https://packages.debian.org/source/wheezy/libxfont", "http://www.debian.org/security/2014/dsa-2927", "https://security-tracker.debian.org/tracker/CVE-2014-0211"], "pluginID": "73997", "description": "Ilja van Sprundel of IOActive discovered several security issues in the X.Org libXfont library, which may allow a local, authenticated user to attempt to raise privileges; or a remote attacker who can control the font server to attempt to execute code with the privileges of the X server.\n\n - CVE-2014-0209 Integer overflow of allocations in font metadata file parsing could allow a local user who is already authenticated to the X server to overwrite other memory in the heap.\n\n - CVE-2014-0210 libxfont does not validate length fields when parsing xfs protocol replies allowing to write past the bounds of allocated memory when storing the returned data from the font server.\n\n - CVE-2014-0211 Integer overflows calculating memory needs for xfs replies could result in allocating too little memory and then writing the returned data from the font server past the end of the allocated buffer.", "edition": 5, "reporter": "Tenable", "published": "2014-05-14T00:00:00", "title": "Debian DSA-2927-1 : libxfont - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libxfont"], "id": "DEBIAN_DSA-2927.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73997", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2927. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73997);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/09 14:30:25\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_xref(name:\"DSA\", value:\"2927\");\n\n script_name(english:\"Debian DSA-2927-1 : libxfont - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ilja van Sprundel of IOActive discovered several security issues in\nthe X.Org libXfont library, which may allow a local, authenticated\nuser to attempt to raise privileges; or a remote attacker who can\ncontrol the font server to attempt to execute code with the privileges\nof the X server.\n\n - CVE-2014-0209\n Integer overflow of allocations in font metadata file\n parsing could allow a local user who is already\n authenticated to the X server to overwrite other memory\n in the heap.\n\n - CVE-2014-0210\n libxfont does not validate length fields when parsing\n xfs protocol replies allowing to write past the bounds\n of allocated memory when storing the returned data from\n the font server.\n\n - CVE-2014-0211\n Integer overflows calculating memory needs for xfs\n replies could result in allocating too little memory and\n then writing the returned data from the font server past\n the end of the allocated buffer.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-0211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libxfont\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxfont\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2014/dsa-2927\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxfont packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 1:1.4.1-5.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 1:1.4.5-4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxfont\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxfont-dev\", reference:\"1:1.4.1-5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxfont1\", reference:\"1:1.4.1-5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxfont1-dbg\", reference:\"1:1.4.1-5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxfont1-udeb\", reference:\"1:1.4.1-5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxfont-dev\", reference:\"1:1.4.5-4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxfont1\", reference:\"1:1.4.5-4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxfont1-dbg\", reference:\"1:1.4.5-4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxfont1-udeb\", reference:\"1:1.4.5-4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:44:04", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-November/004669.html"], "pluginID": "79424", "description": "From Red Hat Security Advisory 2014:1893 :\n\nUpdated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libXfont packages provide the X.Org libXfont runtime library.\nX.Org is an open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues. Upstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.", "edition": 5, "reporter": "Tenable", "published": "2014-11-25T00:00:00", "title": "Oracle Linux 5 : libXfont (ELSA-2014-1893)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-07-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libXfont-devel", "p-cpe:/a:oracle:linux:libXfont", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-1893.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79424", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1893 and \n# Oracle Linux Security Advisory ELSA-2014-1893 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79424);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_bugtraq_id(67382);\n script_xref(name:\"RHSA\", value:\"2014:1893\");\n\n script_name(english:\"Oracle Linux 5 : libXfont (ELSA-2014-1893)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1893 :\n\nUpdated libXfont packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libXfont packages provide the X.Org libXfont runtime library.\nX.Org is an open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain\nfont files when attempting to add a new directory to the font path. A\nmalicious, local user could exploit this issue to potentially execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont\nparsed replies received from an X.org font server. A malicious X.org\nserver could cause an X client to crash or, possibly, execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these\nissues. Upstream acknowledges Ilja van Sprundel as the original\nreporter.\n\nUsers of libXfont should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. All running X.Org\nserver instances must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-November/004669.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxfont packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libXfont-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"libXfont-1.2.2-1.0.6.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libXfont-devel-1.2.2-1.0.6.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libXfont / libXfont-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:26", "references": ["http://www.nessus.org/u?d3664320"], "pluginID": "79427", "description": "A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nAll running X.Org server instances must be restarted for the update to take effect.", "edition": 4, "reporter": "Tenable", "published": "2014-11-25T00:00:00", "title": "Scientific Linux Security Update : libXfont on SL5.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-11-25T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20141124_LIBXFONT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79427);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/11/25 11:49:28 $\");\n\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n\n script_name(english:\"Scientific Linux Security Update : libXfont on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in the way libXfont processed certain\nfont files when attempting to add a new directory to the font path. A\nmalicious, local user could exploit this issue to potentially execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont\nparsed replies received from an X.org font server. A malicious X.org\nserver could cause an X client to crash or, possibly, execute\narbitrary code with the privileges of the X.Org server.\n(CVE-2014-0210, CVE-2014-0211)\n\nAll running X.Org server instances must be restarted for the update to\ntake effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1411&L=scientific-linux-errata&T=0&P=4070\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3664320\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libXfont, libXfont-debuginfo and / or\nlibXfont-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"libXfont-1.2.2-1.0.6.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libXfont-debuginfo-1.2.2-1.0.6.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libXfont-devel-1.2.2-1.0.6.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-01T23:53:48", "references": ["https://www.redhat.com/archives/rhsa-announce/2014-November/msg00035.html", "2014:1870-01"], "pluginID": "1361412562310871295", "description": "Check the version of libXfont", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-11-19T00:00:00", "title": "RedHat Update for libXfont RHSA-2014:1870-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-07-19T00:00:00", "id": "OPENVAS:1361412562310871295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libXfont RHSA-2014:1870-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871295\");\n script_version(\"$Revision: 6759 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-19 11:56:33 +0200 (Wed, 19 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-19 06:34:48 +0100 (Wed, 19 Nov 2014)\");\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for libXfont RHSA-2014:1870-01\");\n script_tag(name: \"summary\", value: \"Check the version of libXfont\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The libXfont packages provide the X.Org libXfont runtime library. X.Org is\nan open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n\");\n script_tag(name: \"affected\", value: \"libXfont on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:1870-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-November/msg00035.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.7~2.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont-debuginfo\", rpm:\"libXfont-debuginfo~1.4.7~2.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.5~4.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont-debuginfo\", rpm:\"libXfont-debuginfo~1.4.5~4.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:53", "references": ["2014:1870", "http://lists.centos.org/pipermail/centos-announce/2014-November/020769.html"], "pluginID": "1361412562310882085", "description": "Check the version of libXfont", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-11-19T00:00:00", "title": "CentOS Update for libXfont CESA-2014:1870 centos7 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-07-13T00:00:00", "id": "OPENVAS:1361412562310882085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882085", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libXfont CESA-2014:1870 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882085\");\n script_version(\"$Revision: 6715 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-19 06:35:21 +0100 (Wed, 19 Nov 2014)\");\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for libXfont CESA-2014:1870 centos7 \");\n\n script_tag(name: \"summary\", value: \"Check the version of libXfont\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The libXfont packages provide the X.Org\nlibXfont runtime library. X.Org is an open source implementation of the X Window\nSystem.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n\");\n script_tag(name: \"affected\", value: \"libXfont on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:1870\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-November/020769.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.7~2.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont-devel\", rpm:\"libXfont-devel~1.4.7~2.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:48", "references": ["2014:1870", "http://lists.centos.org/pipermail/centos-announce/2014-November/020768.html"], "pluginID": "1361412562310882086", "description": "Check the version of libXfont", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-11-19T00:00:00", "title": "CentOS Update for libXfont CESA-2014:1870 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-07-13T00:00:00", "id": "OPENVAS:1361412562310882086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882086", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libXfont CESA-2014:1870 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882086\");\n script_version(\"$Revision: 6715 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-19 06:35:25 +0100 (Wed, 19 Nov 2014)\");\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for libXfont CESA-2014:1870 centos6 \");\n\n script_tag(name: \"summary\", value: \"Check the version of libXfont\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The libXfont packages provide the X.Org\nlibXfont runtime library. X.Org is an open source implementation of the X Window\nSystem.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n\");\n script_tag(name: \"affected\", value: \"libXfont on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:1870\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-November/020768.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.5~4.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libXfont-devel\", rpm:\"libXfont-devel~1.4.5~4.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:49:45", "references": ["https://security.gentoo.org/glsa/201406-11"], "pluginID": "1361412562310121214", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-11", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-11", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310121214", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121214", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201406-11.nasl 9374 2018-04-06 08:58:12Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121214\");\nscript_version(\"$Revision: 9374 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:27:21 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-11\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201406-11\");\nscript_cve_id(\"CVE-2014-0209\",\"CVE-2014-0210\",\"CVE-2014-0211\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-11\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"x11-libs/libXfont\", unaffected: make_list(\"ge 1.4.8\"), vulnerable: make_list(\"lt 1.4.8\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:56", "references": ["http://linux.oracle.com/errata/ELSA-2014-1893.html"], "pluginID": "1361412562310123241", "description": "Oracle Linux Local Security Checks ELSA-2014-1893", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2014-1893", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:1361412562310123241", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123241", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-1893.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123241\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:01:10 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-1893\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-1893 - libXfont security update - [1.2.2-1.0.6]- CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601)- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601)- CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-1893\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-1893.html\");\nscript_cve_id(\"CVE-2014-0209\",\"CVE-2014-0210\",\"CVE-2014-0211\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.2.2~1.0.6.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libXfont-devel\", rpm:\"libXfont-devel~1.2.2~1.0.6.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:19", "references": ["2211-1", "http://www.ubuntu.com/usn/usn-2211-1/"], "pluginID": "1361412562310841825", "description": "Check for the Version of libxfont", "edition": 8, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-05-19T00:00:00", "title": "Ubuntu Update for libxfont USN-2211-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310841825", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841825", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2211_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for libxfont USN-2211-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841825\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-19 11:24:57 +0530 (Mon, 19 May 2014)\");\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for libxfont USN-2211-1\");\n\n\n script_tag(name:\"affected\", value:\"libxfont on Ubuntu 14.04 LTS,\n Ubuntu 13.10,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Ilja van Sprundel discovered that libXfont incorrectly handled\nfont metadata file parsing. A local attacker could use this issue to cause\nlibXfont to crash, or possibly execute arbitrary code in order to gain\nprivileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\nServer replies. A malicious font server could return specially-crafted data\nthat could cause libXfont to crash, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10\nand Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2211-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2211-1/\");\n script_tag(name:\"summary\", value:\"Check for the Version of libxfont\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|10\\.04 LTS|13\\.10|12\\.10)\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxfont1:i386\", ver:\"1:1.4.7-1ubuntu0.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.4-1ubuntu0.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.1-1ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxfont1:i386\", ver:\"1:1.4.6-1ubuntu0.2\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-2ubuntu0.12.10.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:48", "references": ["http://linux.oracle.com/errata/ELSA-2014-1870.html"], "pluginID": "1361412562310123247", "description": "Oracle Linux Local Security Checks ELSA-2014-1870", "edition": 4, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2014-1870", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:1361412562310123247", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123247", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-1870.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123247\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:01:14 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-1870\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-1870 - libXfont security update - [1.4.5-4]- CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601)- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601)- CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-1870\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-1870.html\");\nscript_cve_id(\"CVE-2014-0209\",\"CVE-2014-0210\",\"CVE-2014-0211\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.7~2.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libXfont-devel\", rpm:\"libXfont-devel~1.4.7~2.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.5~4.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libXfont-devel\", rpm:\"libXfont-devel~1.4.5~4.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:53", "references": ["http://www.debian.org/security/2014/dsa-2927.html"], "pluginID": "1361412562310702927", "description": "Ilja van Sprundel of IOActive discovered several security issues in the\nX.Org libXfont library, which may allow a local, authenticated user to\nattempt to raise privileges; or a remote attacker who can control the\nfont server to attempt to execute code with the privileges of the X\nserver.\n\nCVE-2014-0209 \nInteger overflow of allocations in font metadata file parsing could\nallow a local user who is already authenticated to the X server to\noverwrite other memory in the heap.\n\nCVE-2014-0210 \nlibxfont does not validate length fields when parsing xfs protocol\nreplies allowing to write past the bounds of allocated memory when\nstoring the returned data from the font server.\n\nCVE-2014-0211 \nInteger overflows calculating memory needs for xfs replies could\nresult in allocating too little memory and then writing the returned\ndata from the font server past the end of the allocated buffer.", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-05-13T00:00:00", "title": "Debian Security Advisory DSA 2927-1 (libxfont - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310702927", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702927", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2927.nasl 9354 2018-04-06 07:15:32Z cfischer $\n# Auto-generated from advisory DSA 2927-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"libxfont on Debian Linux\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 1:1.4.1-5.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1:1.4.5-4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:1.4.7-2.\n\nWe recommend that you upgrade your libxfont packages.\";\ntag_summary = \"Ilja van Sprundel of IOActive discovered several security issues in the\nX.Org libXfont library, which may allow a local, authenticated user to\nattempt to raise privileges; or a remote attacker who can control the\nfont server to attempt to execute code with the privileges of the X\nserver.\n\nCVE-2014-0209 \nInteger overflow of allocations in font metadata file parsing could\nallow a local user who is already authenticated to the X server to\noverwrite other memory in the heap.\n\nCVE-2014-0210 \nlibxfont does not validate length fields when parsing xfs protocol\nreplies allowing to write past the bounds of allocated memory when\nstoring the returned data from the font server.\n\nCVE-2014-0211 \nInteger overflows calculating memory needs for xfs replies could\nresult in allocating too little memory and then writing the returned\ndata from the font server past the end of the allocated buffer.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702927\");\n script_version(\"$Revision: 9354 $\");\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_name(\"Debian Security Advisory DSA 2927-1 (libxfont - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:15:32 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2014-05-13 00:00:00 +0200 (Tue, 13 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2927.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.1-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.1-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.1-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-28T10:49:04", "references": ["http://www.debian.org/security/2014/dsa-2927.html"], "pluginID": "702927", "description": "Ilja van Sprundel of IOActive discovered several security issues in the\nX.Org libXfont library, which may allow a local, authenticated user to\nattempt to raise privileges; or a remote attacker who can control the\nfont server to attempt to execute code with the privileges of the X\nserver.\n\nCVE-2014-0209 \nInteger overflow of allocations in font metadata file parsing could\nallow a local user who is already authenticated to the X server to\noverwrite other memory in the heap.\n\nCVE-2014-0210 \nlibxfont does not validate length fields when parsing xfs protocol\nreplies allowing to write past the bounds of allocated memory when\nstoring the returned data from the font server.\n\nCVE-2014-0211 \nInteger overflows calculating memory needs for xfs replies could\nresult in allocating too little memory and then writing the returned\ndata from the font server past the end of the allocated buffer.", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-05-13T00:00:00", "title": "Debian Security Advisory DSA 2927-1 (libxfont - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-07-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702927", "id": "OPENVAS:702927", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2927.nasl 6715 2017-07-13 09:57:40Z teissa $\n# Auto-generated from advisory DSA 2927-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"libxfont on Debian Linux\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 1:1.4.1-5.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1:1.4.5-4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:1.4.7-2.\n\nWe recommend that you upgrade your libxfont packages.\";\ntag_summary = \"Ilja van Sprundel of IOActive discovered several security issues in the\nX.Org libXfont library, which may allow a local, authenticated user to\nattempt to raise privileges; or a remote attacker who can control the\nfont server to attempt to execute code with the privileges of the X\nserver.\n\nCVE-2014-0209 \nInteger overflow of allocations in font metadata file parsing could\nallow a local user who is already authenticated to the X server to\noverwrite other memory in the heap.\n\nCVE-2014-0210 \nlibxfont does not validate length fields when parsing xfs protocol\nreplies allowing to write past the bounds of allocated memory when\nstoring the returned data from the font server.\n\nCVE-2014-0211 \nInteger overflows calculating memory needs for xfs replies could\nresult in allocating too little memory and then writing the returned\ndata from the font server past the end of the allocated buffer.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702927);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2014-0209\", \"CVE-2014-0210\", \"CVE-2014-0211\");\n script_name(\"Debian Security Advisory DSA 2927-1 (libxfont - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-05-13 00:00:00 +0200 (Tue, 13 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2927.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.1-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.1-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.1-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont-dev\", ver:\"1:1.4.5-4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1\", ver:\"1:1.4.5-4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxfont1-dbg\", ver:\"1:1.4.5-4\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:24", "references": ["https://alas.aws.amazon.com/ALAS-2014-404.html"], "pluginID": "1361412562310120495", "description": "Amazon Linux Local Security Checks", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-09-08T00:00:00", "title": "Amazon Linux Local Check: ALAS-2014-404", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2017-08-23T00:00:00", "id": "OPENVAS:1361412562310120495", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120495", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2014-404.nasl 6995 2017-08-23 11:52:03Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120495\");\nscript_version(\"$Revision: 6995 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-08 13:27:44 +0200 (Tue, 08 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-08-23 13:52:03 +0200 (Wed, 23 Aug 2017) $\");\nscript_name(\"Amazon Linux Local Check: ALAS-2014-404\");\nscript_tag(name: \"insight\", value: \"Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.\"); \nscript_tag(name : \"solution\", value : \"Run yum update libXfont to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2014-404.html\");\nscript_cve_id(\"CVE-2014-0211\", \"CVE-2014-0210\", \"CVE-2014-0209\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"libXfont\", rpm:\"libXfont~1.4.5~3.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"libXfont-devel\", rpm:\"libXfont-devel~1.4.5~3.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"libXfont-debuginfo\", rpm:\"libXfont-debuginfo~1.4.5~3.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:52", "references": [], "description": "\r\n\r\n[ANNOUNCE] X_Org Security Advisory: Multiple issues in libXfont.eml\r\n\u0422\u0435\u043c\u0430:\r\n[ANNOUNCE] X.Org Security Advisory: Multiple issues in libXfont\r\n\u041e\u0442:\r\nAlan Coopersmith &lt;alan.coopersmith@oracle.com&gt;\r\n\u0414\u0430\u0442\u0430:\r\n13.05.2014 19:08\r\n\u041a\u043e\u043c\u0443:\r\nxorg-announce@lists.x.org\r\n\u041a\u043e\u043f\u0438\u044f:\r\nxorg@lists.x.org, xorg-devel@lists.x.org\r\n\r\nX.Org Security Advisory: May 13, 2014\r\nX Font Service Protocol &amp; Font metadata file handling issues in libXfont\r\n========================================================================\r\n\r\nDescription:\r\n============\r\n\r\nIlja van Sprundel, a security researcher with IOActive, has discovered\r\nseveral issues in the way the libXfont library handles the responses \r\nit receives from xfs servers, and has worked with X.Org&#39;s security team \r\nto analyze, confirm, and fix these issues.\r\n\r\nMost of these issues stem from libXfont trusting the font server to send\r\nvalid protocol data, and not verifying that the values will not overflow \r\nor cause other damage. This code is commonly called from the X server \r\nwhen an X Font Server is active in the font path, so may be running in a \r\nsetuid-root process depending on the X server in use. Exploits of this\r\npath could be used by a local, authenticated user to attempt to raise\r\nprivileges; or by a remote attacker who can control the font server to\r\nattempt to execute code with the privileges of the X server. &#40;CVE-2014-XXXA\r\nis the exception, as it does not involve communication with a font server,\r\nas explained below.&#41;\r\n\r\nThe vulnerabilities are:\r\n\r\n- CVE-2014-0209: integer overflow of allocations in font metadata file parsing\r\n\r\n When a local user who is already authenticated to the X server adds\r\n a new directory to the font path, the X server calls libXfont to open\r\n the fonts.dir and fonts.alias files in that directory and add entries\r\n to the font tables for every line in it. A large file &#40;~2-4 gb&#41; could\r\n cause the allocations to overflow, and allow the remaining data read \r\n from the file to overwrite other memory in the heap.\r\n\r\n Affected functions: FontFileAddEntry&#40;&#41;, lexAlias&#40;&#41;\r\n\r\n- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies\r\n\r\n When parsing replies received from the font server, these calls do not\r\n check that the lengths and/or indexes returned by the font server are\r\n within the size of the reply or the bounds of the memory allocated to\r\n store the data, so could write past the bounds of allocated memory when\r\n storing the returned data.\r\n\r\n Affected functions: _fs_recv_conn_setup&#40;&#41;, fs_read_open_font&#40;&#41;,\r\n fs_read_query_info&#40;&#41;, fs_read_extent_info&#40;&#41;, fs_read_glyphs&#40;&#41;,\r\n fs_read_list&#40;&#41;, fs_read_list_info&#40;&#41;\r\n\r\n- CVE-2014-0211: integer overflows calculating memory needs for xfs replies\r\n\r\n These calls do not check that their calculations for how much memory\r\n is needed to handle the returned data have not overflowed, so can\r\n result in allocating too little memory and then writing the returned\r\n data past the end of the allocated buffer.\r\n\r\n Affected functions: fs_get_reply&#40;&#41;, fs_alloc_glyphs&#40;&#41;,\r\n fs_read_extent_info&#40;&#41;\r\n\r\n\r\nAffected Versions\r\n=================\r\n\r\nX.Org believes all prior versions of this library contain these flaws,\r\ndating back to its introduction in X11R5.\r\n\r\n\r\nFixes\r\n=====\r\n\r\nFixes are available in the patches for these libXfont git commits:\r\n\t2f5e57317339c526e6eaee1010b0e2ab8089c42e\r\n\t05c8020a49416dd8b7510cbba45ce4f3fc81a7dc\r\n\t891e084b26837162b12f841060086a105edde86d\r\n\tcbb64aef35960b2882be721f4b8fbaa0fb649d12\r\n\t0f1a5d372c143f91a602bdf10c917d7eabaee09b\r\n\t491291cabf78efdeec8f18b09e14726a9030cc8f\r\n\tc578408c1fd4db09e4e3173f8a9e65c81cc187c1\r\n\ta42f707f8a62973f5e8bbcd08afb10a79e9cee33\r\n\ta3f21421537620fc4e1f844a594a4bcd9f7e2bd8\r\n\t520683652564c2a4e42328ae23eef9bb63271565\r\n\t5fa73ac18474be3032ee7af9c6e29deab163ea39\r\n\td338f81df1e188eb16e1d6aeea7f4800f89c1218\r\n\r\nWhich are available now from:\r\n git://anongit.freedesktop.org/git/xorg/lib/libXfont\r\n http://cgit.freedesktop.org/xorg/lib/libXfont/\r\n\r\nFixes will also be included in these module releases from X.Org:\r\n libXfont 1.4.8\r\n libXfont 1.4.99.901 &#40;1.5.0 RC 1&#41;\r\n\r\nThanks\r\n======\r\n\r\nX.Org thanks Ilja van Sprundel of IOActive for reporting these issues to our\r\nsecurity team and assisting them in understanding them and evaluating our\r\nfixes, and Alan Coopersmith of Oracle for coordinating the X.Org response and\r\ndeveloping the fixes for these issues.\r\n\r\n-- -Alan Coopersmith- alan.coopersmith@oracle.com X.Org Security Response Team - xorg-security@lists.x.org\r\n\r\n\r\n\r\n_______________________________________________\r\nxorg-announce mailing list\r\nxorg-announce@lists.x.org\r\nhttp://lists.x.org/mailman/listinfo/xorg-announce\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-15T00:00:00", "title": "[oss-security] Fwd: [ANNOUNCE] X.Org Security Advisory: Multiple issues in libXfont", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:52", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-05-15T00:00:00", "id": "SECURITYVULNS:DOC:30744", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30744", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:52", "references": [], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2211-1\r\nMay 14, 2014\r\n\r\nlibxfont vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 13.10\r\n- Ubuntu 12.10\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in libXfont.\r\n\r\nSoftware Description:\r\n- libxfont: X11 font rasterisation library\r\n\r\nDetails:\r\n\r\nIlja van Sprundel discovered that libXfont incorrectly handled font\r\nmetadata file parsing. A local attacker could use this issue to cause\r\nlibXfont to crash, or possibly execute arbitrary code in order to gain\r\nprivileges. &#40;CVE-2014-0209&#41;\r\n\r\nIlja van Sprundel discovered that libXfont incorrectly handled X Font\r\nServer replies. A malicious font server could return specially-crafted data\r\nthat could cause libXfont to crash, or possibly execute arbitrary code.\r\nThis issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10\r\nand Ubuntu 13.10. &#40;CVE-2014-0210, CVE-2014-0211&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.04 LTS:\r\n libxfont1 1:1.4.7-1ubuntu0.1\r\n\r\nUbuntu 13.10:\r\n libxfont1 1:1.4.6-1ubuntu0.2\r\n\r\nUbuntu 12.10:\r\n libxfont1 1:1.4.5-2ubuntu0.12.10.2\r\n\r\nUbuntu 12.04 LTS:\r\n libxfont1 1:1.4.4-1ubuntu0.2\r\n\r\nUbuntu 10.04 LTS:\r\n libxfont1 1:1.4.1-1ubuntu0.3\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2211-1\r\n CVE-2014-0209, CVE-2014-0210, CVE-2014-0211\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libxfont/1:1.4.7-1ubuntu0.1\r\n https://launchpad.net/ubuntu/+source/libxfont/1:1.4.6-1ubuntu0.2\r\n https://launchpad.net/ubuntu/+source/libxfont/1:1.4.5-2ubuntu0.12.10.2\r\n https://launchpad.net/ubuntu/+source/libxfont/1:1.4.4-1ubuntu0.2\r\n https://launchpad.net/ubuntu/+source/libxfont/1:1.4.1-1ubuntu0.3\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-05-15T00:00:00", "title": "[USN-2211-1] libXfont vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:52", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-05-15T00:00:00", "id": "SECURITYVULNS:DOC:30726", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30726", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:55", "references": ["https://vulners.com/securityvulns/securityvulns:doc:30726", "https://vulners.com/securityvulns/securityvulns:doc:30744"], "description": "DoS, memory corruptions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2014-05-15T00:00:00", "title": "libXfont multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:55", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "libXfont", "version": "1.4", "operator": "eq"}], "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-05-15T00:00:00", "id": "SECURITYVULNS:VULN:13772", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13772", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:56", "references": ["https://vulners.com/securityvulns/securityvulns:doc:30931"], "description": "Over 100 vulnerabilities in different applications are fixed in quarterly update.", "edition": 1, "reporter": "ORACLE", "published": "2014-07-21T00:00:00", "title": "Oracle / Sun / PeopleSoft / MySQL applications security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:56", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Hyperion Essbase", "version": "11.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise FIN Install", "version": "9.2", "operator": "eq"}, {"name": "iPlanet Web Proxy Server", "version": "4.0", "operator": "eq"}, {"name": "Hyperion Common Admin", "version": "11.1", "operator": "eq"}, {"name": "Oracle WebCenter Portal", "version": "11.1", "operator": "eq"}, {"name": "Oracle Traffic Director", "version": "11.1", "operator": "eq"}, {"name": "Java SE", "version": "8", "operator": "eq"}, {"name": "Oracle Retail Returns Management", "version": "13.4", "operator": "eq"}, {"name": "Oracle Retail Back Office", "version": "8.0", "operator": "eq"}, {"name": "Oracle Communications Messaging Server", "version": "7.0", "operator": "eq"}, {"name": "MySQL", "version": "5.6", "operator": "eq"}, {"name": "PeopleSoft Enterprise ELS", "version": "9.2", "operator": "eq"}, {"name": "Oracle Retail Central Office", "version": "12.0", "operator": "eq"}, {"name": "Oracle Retail Central Office", "version": "8.0", "operator": "eq"}, {"name": "PeopleSoft Enterprise PT", "version": "8.53", "operator": "eq"}, {"name": "VirtualBox", "version": "3.2", "operator": "eq"}, {"name": "JDeveloper", "version": "11.1", "operator": "eq"}, {"name": "Oracle Retail Central Office", "version": "13.4", "operator": "eq"}, {"name": "PeopleSoft Enterprise SCM Purchasing", "version": "9.2", "operator": "eq"}, {"name": "Solaris", "version": "8", "operator": "eq"}, {"name": "Oracle Retail Returns Management", "version": "14.0", "operator": "eq"}, {"name": "Oracle Retail Returns Management", "version": "2.0", "operator": "eq"}, {"name": "Oracle Virtual Desktop Infrastructure", "version": "3.5", "operator": "eq"}, {"name": "Glassfish Communications Server", "version": "2.0", "operator": "eq"}, {"name": "Hyperion Analytic Provider Services", "version": "11.1", "operator": "eq"}, {"name": "Agile Product Collaboration", "version": "9.3", "operator": "eq"}, {"name": "WebLogic Server", "version": "10.0", "operator": "eq"}, {"name": "Oracle Retail Back Office", "version": "12.0", "operator": "eq"}, {"name": "WebLogic Server", "version": "12.1", "operator": "eq"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1", "operator": "eq"}, {"name": "GlassFish Server", "version": "2.1", "operator": "eq"}, {"name": "Oracle Retail Back Office", "version": "14.0", "operator": "eq"}, {"name": "GlassFish Server", "version": "3.1", "operator": "eq"}, {"name": "Solaris", "version": "9", "operator": "eq"}, {"name": "Solaris", "version": "11.1", "operator": "eq"}, {"name": "VirtualBox", "version": "4.3", "operator": "eq"}, {"name": "Sun Ray", "version": "5.4", "operator": "eq"}, {"name": "JDeveloper", "version": "12.1", "operator": "eq"}, {"name": "Oracle Retail Back Office", "version": "13.4", "operator": "eq"}, {"name": "BI Publisher", "version": "11.1", "operator": "eq"}, {"name": "Transportation Management", "version": "6.3", "operator": "eq"}, {"name": "Siebel Core - EAI", "version": "8.2", "operator": "eq"}, {"name": "Solaris", "version": "10", "operator": "eq"}, {"name": "Oracle HTTP Server", "version": "11.1", "operator": "eq"}, {"name": "Oracle HTTP Server", "version": "12.1", "operator": "eq"}, {"name": "Siebel Core - Server OM Frwks", "version": "8.2", "operator": "eq"}, {"name": "Fusion Applications", "version": "11.1", "operator": "eq"}, {"name": "Oracle Retail Central Office", "version": "14.0", "operator": "eq"}, {"name": "Java SE", "version": "5.0", "operator": "eq"}, {"name": "Oracle Secure Global Desktop", "version": "5.1", "operator": "eq"}, {"name": "Java SE", "version": "6", "operator": "eq"}, {"name": "JRockit", "version": "28.3", "operator": "eq"}, {"name": "iPlanet Web Server", "version": "6.1", "operator": "eq"}, {"name": "Java SE", "version": "7", "operator": "eq"}, {"name": "Siebel UI Framework", "version": "8.2", "operator": "eq"}, {"name": "Oracle Secure Global Desktop", "version": "4.71", "operator": "eq"}], "cvelist": ["CVE-2014-2482", "CVE-2012-3544", "CVE-2014-4224", "CVE-2014-4208", "CVE-2014-4213", "CVE-2014-4262", "CVE-2014-4242", "CVE-2014-2490", "CVE-2014-4226", "CVE-2014-4251", "CVE-2014-4263", "CVE-2014-4238", "CVE-2014-2481", "CVE-2013-3774", "CVE-2014-2480", "CVE-2014-4250", "CVE-2014-4260", "CVE-2014-2479", "CVE-2014-4218", "CVE-2014-4254", "CVE-2014-4258", "CVE-2014-4221", "CVE-2014-4255", "CVE-2014-4253", "CVE-2014-4268", "CVE-2014-4203", "CVE-2014-4265", "CVE-2014-4231", "CVE-2014-4201", "CVE-2014-4233", "CVE-2013-5855", "CVE-2014-4210", "CVE-2014-4229", "CVE-2014-0224", "CVE-2014-4267", "CVE-2014-4266", "CVE-2014-2486", "CVE-2014-4270", "CVE-2014-0098", "CVE-2014-4214", "CVE-2014-2485", "CVE-2014-4222", "CVE-2013-1741", "CVE-2014-4257", "CVE-2014-4244", "CVE-2014-2494", "CVE-2014-2487", "CVE-2014-4205", "CVE-2014-4261", "CVE-2014-0436", "CVE-2014-2493", "CVE-2014-4206", "CVE-2014-2488", "CVE-2014-4215", "CVE-2014-4209", "CVE-2014-4245", "CVE-2014-0114", "CVE-2014-0211", "CVE-2013-4286", "CVE-2014-4234", "CVE-2014-2489", "CVE-2014-4269", "CVE-2014-4216", "CVE-2014-4230", "CVE-2013-3751", "CVE-2014-4264", "CVE-2014-2477", "CVE-2014-4220", "CVE-2014-4237", "CVE-2014-4204", "CVE-2014-4243", "CVE-2014-4217", "CVE-2014-4239", "CVE-2014-4248", "CVE-2014-4211", "CVE-2014-2496", "CVE-2014-2483", "CVE-2014-4235", "CVE-2014-0033", "CVE-2014-4225", "CVE-2014-4241", "CVE-2014-4246", "CVE-2014-4207", "CVE-2014-4232", "CVE-2014-4256", "CVE-2014-4227", "CVE-2014-4247", "CVE-2014-4252", "CVE-2014-2492", "CVE-2014-4228", "CVE-2014-4202", "CVE-2014-4212", "CVE-2014-2484", "CVE-2014-4236", "CVE-2014-4240", "CVE-2014-4219", "CVE-2014-2456", "CVE-2014-4249", "CVE-2013-1620", "CVE-2014-4223", "CVE-2014-4271", "CVE-2014-2491", "CVE-2014-2495"], "modified": "2014-07-21T00:00:00", "id": "SECURITYVULNS:VULN:13868", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13868", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:50", "references": ["http://lists.x.org/archives/xorg-announce/2014-May/002431.html"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "7.4_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-c6-xorg-libs", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.4.7_3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libXfont", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "*", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-f10-xorg-libs", "operator": "eq"}], "description": "\nAlan Coopersmith reports:\n\nIlja van Sprundel, a security researcher with IOActive, has\n\t discovered several issues in the way the libXfont library\n\t handles the responses it receives from xfs servers, and has\n\t worked with X.Org's security team to analyze, confirm, and fix\n\t these issues.\nMost of these issues stem from libXfont trusting the font server\n\t to send valid protocol data, and not verifying that the values\n\t will not overflow or cause other damage. This code is commonly\n\t called from the X server when an X Font Server is active in the\n\t font path, so may be running in a setuid-root process depending\n\t on the X server in use. Exploits of this path could be used by\n\t a local, authenticated user to attempt to raise privileges; or\n\t by a remote attacker who can control the font server to attempt\n\t to execute code with the privileges of the X server.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2014-05-13T00:00:00", "title": "libXfont -- X Font Service Protocol and Font metadata file handling issues", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2015-07-15T00:00:00", "id": "B060EE50-DABA-11E3-99F2-BCAEC565249C", "href": "https://vuxml.freebsd.org/freebsd/b060ee50-daba-11e3-99f2-bcaec565249c.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:39:46", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "x86_64", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.x86_64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "i686", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.i686.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "x86_64", "packageFilename": "libXfont-1.4.7-2.el7_0.x86_64.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "src", "packageFilename": "libXfont-1.4.7-2.el7_0.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "src", "packageFilename": "libXfont-1.4.5-4.el6_6.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "src", "packageFilename": "libXfont-1.4.5-4.el6_6.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "x86_64", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.x86_64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "x86_64", "packageFilename": "libXfont-1.4.5-4.el6_6.x86_64.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageFilename": "libXfont-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageFilename": "libXfont-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.i686.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "i686", "packageFilename": "libXfont-1.4.7-2.el7_0.i686.rpm", "packageName": "libXfont", "operator": "lt"}], "description": "[1.4.5-4]\n- CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601)\n- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601)\n- CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)", "edition": 3, "reporter": "Oracle", "published": "2014-11-18T00:00:00", "title": "libXfont security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-11-18T00:00:00", "id": "ELSA-2014-1870", "href": "http://linux.oracle.com/errata/ELSA-2014-1870.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:46:31", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ia64", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.ia64.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ia64", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.ia64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "x86_64", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "src", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "src", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "src", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "x86_64", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont", "operator": "lt"}], "description": "[1.2.2-1.0.6]\n- CVE-2014-0209: integer overflow of allocations in font metadata file parsing (bug 1163602, bug 1163601)\n- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies (bug 1163602, bug 1163601)\n- CVE-2014-0211: integer overflows calculating memory needs for xfs replies (bug 1163602, bug 1163601)", "edition": 3, "reporter": "Oracle", "published": "2014-11-24T00:00:00", "title": "libXfont security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-11-24T00:00:00", "id": "ELSA-2014-1893", "href": "http://linux.oracle.com/errata/ELSA-2014-1893.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2016-09-28T21:04:06", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "i686", "packageFilename": "libXfont-1.4.5-3.9.amzn1.i686", "packageName": "libXfont", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "i686", "packageFilename": "libXfont-devel-1.4.5-3.9.amzn1.i686", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "i686", "packageFilename": "libXfont-debuginfo-1.4.5-3.9.amzn1.i686", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "src", "packageFilename": "libXfont-1.4.5-3.9.amzn1.src", "packageName": "libXfont", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "x86_64", "packageFilename": "libXfont-debuginfo-1.4.5-3.9.amzn1.x86_64", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "x86_64", "packageFilename": "libXfont-devel-1.4.5-3.9.amzn1.x86_64", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.4.5-3.9", "arch": "x86_64", "packageFilename": "libXfont-1.4.5-3.9.amzn1.x86_64", "packageName": "libXfont", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nMultiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.\n\nMultiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.\n\nMultiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.\n\n \n**Affected Packages:** \n\n\nlibXfont\n\n \n**Issue Correction:** \nRun _yum update libXfont_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n libXfont-1.4.5-3.9.amzn1.i686 \n libXfont-devel-1.4.5-3.9.amzn1.i686 \n libXfont-debuginfo-1.4.5-3.9.amzn1.i686 \n \n src: \n libXfont-1.4.5-3.9.amzn1.src \n \n x86_64: \n libXfont-1.4.5-3.9.amzn1.x86_64 \n libXfont-debuginfo-1.4.5-3.9.amzn1.x86_64 \n libXfont-devel-1.4.5-3.9.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2014-09-17T21:44:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "amazon", "title": "Medium: libXfont", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-09-19T12:02:00", "id": "ALAS-2014-404", "href": "https://alas.aws.amazon.com/ALAS-2014-404.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2017-10-08T01:31:14", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1:1.4.5-4", "arch": "all", "packageFilename": "libxfont_1:1.4.5-4_all.deb", "packageName": "libxfont", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1:1.4.5-4", "arch": "all", "packageFilename": "libxfont-dev_1:1.4.5-4_all.deb", "packageName": "libxfont-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1:1.4.5-4", "arch": "all", "packageFilename": "libxfont1_1:1.4.5-4_all.deb", "packageName": "libxfont1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "1:1.4.1-5", "arch": "all", "packageFilename": "libxfont_1:1.4.1-5_all.deb", "packageName": "libxfont", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1:1.4.5-4", "arch": "all", "packageFilename": "libxfont1-dbg_1:1.4.5-4_all.deb", "packageName": "libxfont1-dbg", "operator": "lt"}], "edition": 2, "description": "Ilja van Sprundel of IOActive discovered several security issues in the X.Org libXfont library, which may allow a local, authenticated user to attempt to raise privileges; or a remote attacker who can control the font server to attempt to execute code with the privileges of the X server.\n\n * [CVE-2014-0209](<https://security-tracker.debian.org/tracker/CVE-2014-0209>)\n\nInteger overflow of allocations in font metadata file parsing could allow a local user who is already authenticated to the X server to overwrite other memory in the heap.\n\n * [CVE-2014-0210](<https://security-tracker.debian.org/tracker/CVE-2014-0210>)\n\nlibxfont does not validate length fields when parsing xfs protocol replies allowing to write past the bounds of allocated memory when storing the returned data from the font server.\n\n * [CVE-2014-0211](<https://security-tracker.debian.org/tracker/CVE-2014-0211>)\n\nInteger overflows calculating memory needs for xfs replies could result in allocating too little memory and then writing the returned data from the font server past the end of the allocated buffer.\n\nFor the oldstable distribution (squeeze), these problems have been fixed in version 1:1.4.1-5.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 1:1.4.5-4.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1:1.4.7-2.\n\nWe recommend that you upgrade your libxfont packages.", "reporter": "Debian", "published": "2014-05-13T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "title": "libxfont -- security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-05-13T00:00:00", "id": "DSA-2927", "href": "http://www.debian.org/security/dsa-2927", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:38", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0211", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0209", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0210"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "1:1.4.5-2ubuntu0.12.10.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxfont1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "1:1.4.6-1ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxfont1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "1:1.4.4-1ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxfont1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "1:1.4.1-1ubuntu0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxfont1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1:1.4.7-1ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxfont1", "operator": "lt"}], "description": "Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209)\n\nIlja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially-crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0210, CVE-2014-0211)", "edition": 3, "reporter": "Ubuntu", "published": "2014-05-14T00:00:00", "title": "libXfont vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-05-14T00:00:00", "id": "USN-2211-1", "href": "https://usn.ubuntu.com/2211-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2017-09-09T07:19:50", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "src", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.src.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "x86_64", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "x86_64", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ppc64", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.ppc64.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ppc", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.ppc.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "s390x", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.s390x.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "s390", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.s390.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ppc64", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.ppc64.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ppc64", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.ppc64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ppc", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.ppc.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ppc", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.ppc.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "s390x", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.s390x.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "s390", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.s390.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "s390x", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.s390x.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "s390", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.s390.rpm", "packageName": "libXfont", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ia64", "packageFilename": "libXfont-debuginfo-1.2.2-1.0.6.el5_11.ia64.rpm", "packageName": "libXfont-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "x86_64", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.x86_64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "i386", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ia64", "packageFilename": "libXfont-devel-1.2.2-1.0.6.el5_11.ia64.rpm", "packageName": "libXfont-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.2.2-1.0.6.el5_11", "arch": "ia64", "packageFilename": "libXfont-1.2.2-1.0.6.el5_11.ia64.rpm", "packageName": "libXfont", "operator": "lt"}], "description": "The libXfont packages provide the X.Org libXfont runtime library. X.Org is\nan open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n", "reporter": "RedHat", "published": "2014-11-24T05:00:00", "type": "redhat", "title": "(RHSA-2014:1893) Important: libXfont security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0209", "CVE-2014-0210", "CVE-2014-0211"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:14:04", "id": "RHSA-2014:1893", "href": "https://access.redhat.com/errata/RHSA-2014:1893", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-06-06T18:05:26", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.5-4.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "src", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "x86_64", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.5-4.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "i686", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "x86_64", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "x86_64", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "ppc64", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.5-4.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "ppc", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.5-4.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "ppc64", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "ppc", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "ppc", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "ppc64", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "s390x", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.5-4.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "s390", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.5-4.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "s390x", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "s390x", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "s390", "packageName": "libXfont", "packageFilename": "libXfont-1.4.5-4.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.4.5-4.el6_6", "arch": "s390", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.5-4.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "x86_64", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.7-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "i686", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.7-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "src", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "i686", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "x86_64", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "i686", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "x86_64", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "ppc", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.7-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "ppc64", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.7-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "ppc", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "ppc64", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "ppc", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "ppc64", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "s390x", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.7-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "s390", "packageName": "libXfont-debuginfo", "packageFilename": "libXfont-debuginfo-1.4.7-2.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "s390x", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "s390", "packageName": "libXfont-devel", "packageFilename": "libXfont-devel-1.4.7-2.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "s390x", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.4.7-2.el7_0", "arch": "s390", "packageName": "libXfont", "packageFilename": "libXfont-1.4.7-2.el7_0.s390.rpm", "operator": "lt"}], "description": "The libXfont packages provide the X.Org libXfont runtime library. X.Org is\nan open source implementation of the X Window System.\n\nA use-after-free flaw was found in the way libXfont processed certain font\nfiles when attempting to add a new directory to the font path. A malicious,\nlocal user could exploit this issue to potentially execute arbitrary code\nwith the privileges of the X.Org server. (CVE-2014-0209)\n\nMultiple out-of-bounds write flaws were found in the way libXfont parsed\nreplies received from an X.org font server. A malicious X.org server could\ncause an X client to crash or, possibly, execute arbitrary code with the\nprivileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211)\n\nRed Hat would like to thank the X.org project for reporting these issues.\nUpstream acknowledges Ilja van Sprundel as the original reporter.\n\nUsers of libXfont should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. All running X.Org server instances\nmust be restarted for the update to take effect.\n", "reporter": "RedHat", "published": "2014-11-18T05:00:00", "type": "redhat", "title": "(RHSA-2014:1870) Important: libXfont security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0209", "CVE-2014-0210", "CVE-2014-0211"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:21", "id": "RHSA-2014:1870", "href": "https://access.redhat.com/errata/RHSA-2014:1870", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0210", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0209", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0211", "https://bugs.gentoo.org/show_bug.cgi?id=510250"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.4.8", "packageName": "x11-libs/libXfont", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nlibXfont is an X11 font rasterisation library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could use a specially crafted file to gain privileges, cause a Denial of Service condition or possibly execute arbitrary code with the privileges of the process. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libXfont users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/libXfont-1.4.8\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-06-14T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "gentoo", "title": "libXfont: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0211", "CVE-2014-0209", "CVE-2014-0210"], "modified": "2014-06-14T00:00:00", "id": "GLSA-201406-11", "href": "https://security.gentoo.org/glsa/201406-11", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oracle": [{"lastseen": "2018-08-31T04:14:02", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are generally cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 113 new security fixes across the product families listed below.\n\nPlease note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\nPlease note that on April 18, 2014, Oracle released a [Security Alert for CVE-2014-0160 OpenSSL \"Heartbleed\"](<http://www.oracle.com/technetwork/topics/security/alert-cve-2014-0160-2190703.html>). This Critical Patch Update includes an update to MySQL Enterprise Server 5.6 and this update includes a fix for vulnerability CVE-2014-0160. Customers of other Oracle products are strongly advised to apply the [fixes ](<http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html>) that were announced in the Security Alert for CVE-2014-0160.\n", "edition": 3, "reporter": "Oracle", "published": "2014-07-15T00:00:00", "title": "Oracle Critical Patch Update - July 2014", "type": "oracle", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Java SE, JRockit", "version": "28.3.2", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.3", "operator": "le"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.0", "operator": "le"}, {"name": "Oracle Secure Global Desktop (SGD)", "version": "5.0", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.1", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "13.4", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Virtual Desktop Infrastructure (VDI)", "version": "3.5.1", "operator": "le"}, {"name": "Siebel Travel & Transportation", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.3", "operator": "le"}, {"name": "Java SE, JRockit", "version": "8u5", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "12.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.37", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.4", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "13.1", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "2.1.1", "operator": "le"}, {"name": "RDBMS Core", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Concurrent Processing", "version": "12.2.2", "operator": "le"}, {"name": "Java SE", "version": "7u60", "operator": "le"}, {"name": "Hyperion Analytic Provider Services", "version": "11.1.2.2", "operator": "le"}, {"name": "Solaris", "version": "8", "operator": "le"}, {"name": "Solaris", "version": "2.3.1.0", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "8.0", "operator": "le"}, {"name": "Solaris", "version": "2.4.2.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM Purchasing", "version": "9.2", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.2", "operator": "le"}, {"name": "RDBMS Core", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.3", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "14.0", "operator": "le"}, {"name": "RDBMS Core", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.34", "operator": "le"}, {"name": "Solaris", "version": "11.1", "operator": "le"}, {"name": "Solaris", "version": "2.3.1.1", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.1", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "13.3", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.12", "operator": "le"}, {"name": "Hyperion Common Admin", "version": "11.1.2.3", "operator": "le"}, {"name": "Java SE, JRockit", "version": "6u75", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3", "operator": "le"}, {"name": "Oracle Agile Product Collaboration", "version": "9.3.3", "operator": "le"}, {"name": "Siebel Core - Server OM Frwks", "version": "8.1.1", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.2.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.26", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.2", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Java SE", "version": "8u5", "operator": "le"}, {"name": "Hyperion Common Admin", "version": "11.1.2.2", "operator": "le"}, {"name": "PeopleSoft Enterprise ELS Enterprise Learning Management", "version": "9.2", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.1.3", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Siebel Travel & Transportation", "version": "8.1.1", "operator": "le"}, {"name": "Oracle iStore", "version": "11.5.10.2", "operator": "le"}, {"name": "Java SE", "version": "6u75", "operator": "le"}, {"name": "Hyperion BI+", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Applications Technology Stack", "version": "11.5.10.2", "operator": "le"}, {"name": "XML Parser", "version": "12.1.0.1", "operator": "le"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1.2.3", "operator": "le"}, {"name": "RDBMS Core", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Concurrent Processing", "version": "12.2.3", "operator": "le"}, {"name": "Solaris", "version": "2.4.0.0", "operator": "le"}, {"name": "Solaris", "version": "2.4.1.0", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.2", "operator": "le"}, {"name": "BI Publisher", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Secure Global Desktop (SGD)", "version": "4.63", "operator": "le"}, {"name": "Hyperion BI+", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Concurrent Processing", "version": "12.1.3", "operator": "le"}, {"name": "Solaris", "version": "9", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "2.0", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.4", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.2", "operator": "le"}, {"name": "Siebel Core - Server OM Frwks", "version": "8.2.2", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.2.0.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.1.0", "operator": "le"}, {"name": "PeopleSoft Enterprise PT PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Network Layer", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.3", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "14.0", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.26", "operator": "le"}, {"name": "Oracle iPlanet Web Proxy Server", "version": "4.0.24", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Oracle Secure Global Desktop (SGD)", "version": "4.71", "operator": "le"}, {"name": "PeopleSoft Enterprise ELS Enterprise Learning Management", "version": "9.1", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.1.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.14", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "6.1", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.0.2.0", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "14.0", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "12.0.9IN", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.0.6", "operator": "le"}, {"name": "Hyperion Analytic Provider Services", "version": "11.1.2.3", "operator": "le"}, {"name": "Solaris", "version": "2.3.1.2", "operator": "le"}, {"name": "Java SE", "version": "5.0u65", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.3", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.7.0", "operator": "le"}, {"name": "PeopleSoft Enterprise PT PeopleTools", "version": "8.52", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "7.0.5.30.0", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.1", "operator": "le"}, {"name": "Java SE, JRockit", "version": "27.8.2", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.0.1", "operator": "le"}, {"name": "GlassFish Communications Server", "version": "2.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.1", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.0", "operator": "le"}, {"name": "Siebel Core - EAI", "version": "8.2.2", "operator": "le"}, {"name": "Sun Ray Software", "version": "5.4.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iStore", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.2", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "8.0", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "7.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.17", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.8", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "12.0", "operator": "le"}, {"name": "PeopleSoft Enterprise FIN Install", "version": "9.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "3.2.24", "operator": "le"}, {"name": "Siebel Core - EAI", "version": "8.1.1", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.15", "operator": "le"}, {"name": "Java SE, JRockit", "version": "7u60", "operator": "le"}, {"name": "Hyperion Essbase", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "11.5.10.2", "operator": "le"}, {"name": "Java SE, JRockit", "version": "5.0u65", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "13.2", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.35", "operator": "le"}, {"name": "Oracle Fusion Middleware", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "12.0.9IN", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.7", "operator": "le"}, {"name": "Hyperion Essbase", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.1.2", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.4", "operator": "le"}, {"name": "PeopleSoft Enterprise FIN Install", "version": "9.1", "operator": "le"}, {"name": "Oracle Secure Global Desktop (SGD)", "version": "5.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.2", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM Purchasing", "version": "9.1", "operator": "le"}], "cvelist": ["CVE-2014-2482", "CVE-2012-3544", "CVE-2014-4224", "CVE-2014-4208", "CVE-2014-4213", "CVE-2014-4262", "CVE-2014-4242", "CVE-2014-2490", "CVE-2014-4226", "CVE-2014-4251", "CVE-2014-4263", "CVE-2014-4238", "CVE-2014-2481", "CVE-2013-3774", "CVE-2014-2480", "CVE-2014-4250", "CVE-2014-4260", "CVE-2014-2479", "CVE-2014-4218", "CVE-2014-4254", "CVE-2014-4258", "CVE-2014-4221", "CVE-2013-6449", "CVE-2014-4255", "CVE-2014-4253", "CVE-2014-4268", "CVE-2013-2172", "CVE-2014-4203", "CVE-2014-4265", "CVE-2014-4231", "CVE-2014-4201", "CVE-2014-4233", "CVE-2013-5855", "CVE-2014-4210", "CVE-2014-4229", "CVE-2013-5605", "CVE-2014-0224", "CVE-2014-4267", "CVE-2014-4266", "CVE-2014-2486", "CVE-2014-4270", "CVE-2014-0098", "CVE-2014-4214", "CVE-2014-2485", "CVE-2014-4222", "CVE-2013-1741", "CVE-2014-4257", "CVE-2014-4244", "CVE-2014-2494", "CVE-2014-2487", "CVE-2014-4205", "CVE-2014-4261", "CVE-2014-0436", "CVE-2013-1740", "CVE-2014-2493", "CVE-2014-4206", "CVE-2014-0099", "CVE-2013-6438", "CVE-2014-3470", "CVE-2014-2488", "CVE-2013-1739", "CVE-2014-4215", "CVE-2014-0119", "CVE-2014-1492", "CVE-2014-4209", "CVE-2013-6450", "CVE-2014-4245", "CVE-2013-5606", "CVE-2014-0114", "CVE-2014-0211", "CVE-2013-4322", "CVE-2014-0050", "CVE-2013-2461", "CVE-2014-1490", "CVE-2010-5298", "CVE-2014-0160", "CVE-2013-4286", "CVE-2014-0209", "CVE-2014-0210", "CVE-2014-4234", "CVE-2014-2489", "CVE-2014-0195", "CVE-2014-4269", "CVE-2014-0198", "CVE-2014-4216", "CVE-2014-4230", "CVE-2013-3751", "CVE-2014-4264", "CVE-2014-2477", "CVE-2014-4220", "CVE-2014-4237", "CVE-2014-4204", "CVE-2014-0096", "CVE-2014-4243", "CVE-2014-4217", "CVE-2014-4239", "CVE-2014-4248", "CVE-2014-0075", "CVE-2014-4211", "CVE-2014-2496", "CVE-2014-2483", "CVE-2014-4235", "CVE-2014-0033", "CVE-2014-4225", "CVE-2014-4241", "CVE-2014-4246", "CVE-2014-4207", "CVE-2014-4232", "CVE-2014-4256", "CVE-2014-1491", "CVE-2014-4227", "CVE-2014-4247", "CVE-2014-4252", "CVE-2014-2492", "CVE-2014-4228", "CVE-2014-4202", "CVE-2014-4212", "CVE-2014-2484", "CVE-2014-4236", "CVE-2014-4240", "CVE-2014-4219", "CVE-2014-2456", "CVE-2014-4249", "CVE-2013-1620", "CVE-2014-4223", "CVE-2014-4271", "CVE-2014-0221", "CVE-2014-2491", "CVE-2014-2495"], "modified": "2014-07-24T00:00:00", "id": "ORACLE:CPUJUL2014-1972956", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}