CVE-2008-0006

2008-01-1800:00:00

ubuntu.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.459 Medium

EPSS

Percentile

97.4%

JSON

Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and
libXfont libraries on some platforms including Sun Solaris, allows
context-dependent attackers to execute arbitrary code via a PCF font with a
large difference between the last col and first col values in the
PCF_BDF_ENCODINGS table.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlibxfont< 1:1.0.0-0ubuntu3.4UNKNOWN
ubuntu6.10noarchlibxfont< 1:1.2.0-0ubuntu3.2UNKNOWN
ubuntu7.04noarchlibxfont< 1:1.2.7-1ubuntu1.1UNKNOWN
ubuntu7.10noarchlibxfont< 1:1.3.0-0ubuntu1.1UNKNOWN
ubuntu6.06noarchxorg-server< 1:1.0.2-0ubuntu10.8UNKNOWN
ubuntu6.10noarchxorg-server< 1:1.1.1-0ubuntu12.3UNKNOWN
ubuntu7.04noarchxorg-server< 2:1.2.0-3ubuntu8.1UNKNOWN
ubuntu7.10noarchxorg-server< 2:1.3.0.0.dfsg-12ubuntu8.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	libxfont	< 1:1.0.0-0ubuntu3.4	UNKNOWN
ubuntu	6.10	noarch	libxfont	< 1:1.2.0-0ubuntu3.2	UNKNOWN
ubuntu	7.04	noarch	libxfont	< 1:1.2.7-1ubuntu1.1	UNKNOWN
ubuntu	7.10	noarch	libxfont	< 1:1.3.0-0ubuntu1.1	UNKNOWN
ubuntu	6.06	noarch	xorg-server	< 1:1.0.2-0ubuntu10.8	UNKNOWN
ubuntu	6.10	noarch	xorg-server	< 1:1.1.1-0ubuntu12.3	UNKNOWN
ubuntu	7.04	noarch	xorg-server	< 2:1.2.0-3ubuntu8.1	UNKNOWN
ubuntu	7.10	noarch	xorg-server	< 2:1.3.0.0.dfsg-12ubuntu8.1	UNKNOWN