532 matches found
SUSE CVE-2013-6462
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long string in a character name in a BDF font file...
SUSE CVE-2014-0210
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the 1 fsrecvconnsetup, 2 fsreadopenfont, 3 fsreadqueryinfo, 4 fsreadextentinfo, 5 fsreadglyphs, 6 fsreadlist, or 7...
SUSE CVE-2014-0211
Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow...
SUSE CVE-2015-1802
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly execute arbitrary code via a 1 negative or 2 large property count in a BDF font file...
SUSE CVE-2015-1803
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...
SUSE CVE-2015-1804
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...
SUSE CVE-2017-13722
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check for PCF files could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server...
SUSE CVE-2017-16611
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open but not read files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files...
The vulnerability of the LibXfont library lies in the improper definition of symbolic links before accessing the file, allowing attackers to trigger a service failure.
The vulnerability of the LibXfont library is related to the incorrect definition of symbolic links before accessing the file. Exploiting this vulnerability allows an attacker to cause service failures...
Ubuntu: Security Advisory (USN-341-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-344-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2017-333-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2014-013-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2901-1 : libxfont - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2901 advisory. - In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open but not read files on the system as root, triggering tape rewinds, watchdogs, or similar...
Mageia: Security Advisory (MGASA-2017-0373)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0278)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0020)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0442)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0113)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2901-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...