Denial Of Service (DoS)

libXfont.so is vulnerable to denial of service DoS attack. The PatternMatch function in fontfile/fontdir.c does not handle the case when a pattern contains the ? character, skipping characters characters such as the NULL character or \0 in the string and eventually crashing when invalid memory is...

CVE-2017-13720

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash denial of service. This occurs because '\0'...

CVE-2017-13720

Summary: LibXfont (libXfont and libXfont2) contains a vulnerability in the PatternMatch function (fontfile/fontdir.c). The flaw allows a buffer over-read during font pattern matching, potentially leading to information disclosure or a crash. It affects libXfont up to 1.5.2 and libXfont2 up to 2.x...

CVE-2017-13720

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash denial of service. This occurs because '\0'...