K16118: libXfont vulnerabilities CVE-2014-0209, CVE-2014-0210 and CVE-2014-0211

Security Advisory Description CVE-2014-0209 Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the...

Amazon Linux: Security Advisory (ALAS-2014-404)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : libXfont (ALAS-2014-404)

Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. Multiple buffer overflows in...

CVE-2014-0210

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the 1 fsrecvconnsetup, 2 fsreadopenfont, 3 fsreadqueryinfo, 4 fsreadextentinfo, 5 fsreadglyphs, 6 fsreadlist, or 7...

CVE-2014-0211

Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow...

Buffer overflow

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the 1 fsrecvconnsetup, 2 fsreadopenfont, 3 fsreadqueryinfo, 4 fsreadextentinfo, 5 fsreadglyphs, 6 fsreadlist, or 7...

Integer overflow

Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow...

CVE-2014-0210

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the 1 fsrecvconnsetup, 2 fsreadopenfont, 3 fsreadqueryinfo, 4 fsreadextentinfo, 5 fsreadglyphs, 6 fsreadlist, or 7...

CVE-2014-0211

Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow...

CVE-2014-0210

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the 1 fsrecvconnsetup, 2 fsreadopenfont, 3 fsreadqueryinfo, 4 fsreadextentinfo, 5 fsreadglyphs, 6 fsreadlist, or 7...