Lucene search
UbuntuUSN-1191-1HistoryAug 15, 2011 - 12:00 a.m.
libXfont vulnerability
2011-08-1500:00:00
ubuntu.com
30
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
86.1%
Releases
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04
Packages
- libxfont - X11 font rasterisation library
Details
Tomas Hoger discovered that libXfont incorrectly handled certain malformed
compressed fonts. An attacker could use a specially crafted font file to
cause libXfont to crash, or possibly execute arbitrary code in order to
gain privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.04 | noarch | libxfont1 | < 1:1.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libxfont-dev | < 1:1.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libxfont1-dbg | < 1:1.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libxfont1-udeb | < 1:1.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libxfont1 | < 1:1.4.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libxfont-dev | < 1:1.4.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libxfont1-dbg | < 1:1.4.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libxfont1-udeb | < 1:1.4.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | libxfont1 | < 1:1.4.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | libxfont-dev | < 1:1.4.1-1ubuntu0.1 | UNKNOWN |
References
Related
nessus
nessus
Scientific Linux Security Update : libXfont on SL5.x, SL6.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : freetype (RHSA-2011:1161)
2011-08-16 00:00:00
Scientific Linux Security Update : freetype on SL4.x i386/x86_64
2012-08-01 00:00:00
openvas
openvas
RedHat Update for xorg-x11 RHSA-2011:1155-01
2011-08-12 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-11:04.compress.asc)
2011-10-16 00:00:00
CentOS Update for xorg-x11 CESA-2011:1155 centos4 x86_64
2012-07-30 00:00:00
centos
centos
freetype security update
2011-08-16 13:02:42
xorg security update
2011-08-14 20:09:20
libXfont security update
2011-09-02 16:41:15
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:01:36
oraclelinux
oraclelinux
xorg-x11 security update
2011-08-12 00:00:00
freetype security update
2011-08-15 00:00:00
libXfont security update
2011-08-11 00:00:00
freebsd
freebsd
libXfont -- possible local privilege escalation
2011-07-26 00:00:00
FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1)
2011-09-28 00:00:00
redhat
redhat
(RHSA-2011:1161) Moderate: freetype security update
2011-08-15 00:00:00
(RHSA-2011:1834) Important: libXfont security update
2011-12-19 00:00:00
(RHSA-2011:1155) Important: xorg-x11 security update
2011-08-11 00:00:00
suse
suse
Security update for Xorg X11 (important)
2011-09-13 17:08:18
Security update for Xorg-X11 (important)
2011-12-06 21:08:30
xorg-x11-libs (important)
2011-12-05 18:08:19
securityvulns
securityvulns
[USN-1191-1] libXfont vulnerability
2011-08-17 00:00:00
libXfont memory corruption
2013-08-17 00:00:00
Apple Mac OS X multiple security vulnerabilities
2012-08-20 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:04.compress
2011-09-28 00:00:00
debian
debian
[SECURITY] [DSA 2293-1] libxfont security update
2011-08-12 14:15:28
gentoo
gentoo
libXfont: Multiple vulnerabilities
2014-02-21 00:00:00
debiancve
debiancve
CVE-2011-2895
2011-08-19 17:55:03
CVE-2011-2896
2011-08-19 17:55:03
ubuntucve
ubuntucve
CVE-2011-2895
2011-08-11 00:00:00
CVE-2011-2896
2011-08-19 00:00:00
cve
cve
CVE-2011-2896
2011-08-19 17:55:03
CVE-2011-2895
2011-08-19 17:55:03
cvelist
cvelist
CVE-2011-2896
2011-08-19 17:00:00
CVE-2011-2895
2011-08-19 17:00:00
nvd
nvd
CVE-2011-2896
2011-08-19 17:55:03
CVE-2011-2895
2011-08-19 17:55:03
prion
prion
Heap overflow
2011-08-19 17:55:00
Heap overflow
2011-08-19 17:55:00
fedora
fedora
[SECURITY] Fedora 20 Update: nx-libs-3.5.0.29-1.fc20
2015-03-26 21:29:40
[SECURITY] Fedora 22 Update: nx-libs-3.5.0.29-1.fc22
2015-03-21 04:53:26
[SECURITY] Fedora 21 Update: nx-libs-3.5.0.29-1.fc21
2015-03-26 21:51:39
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
86.1%
Related for USN-1191-1