Vulnerability Database
299,749
Total vulnerabilities in the database
CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
| Software | From | Fixed in |
|---|---|---|
| xfree86_project / xfree86_x | - | - |
| x.org / x.org | 6.8.2 | 6.8.2.x |
- http://secunia.com/advisories/21864
- http://secunia.com/advisories/21889
- http://secunia.com/advisories/21890
- http://secunia.com/advisories/21894
- http://secunia.com/advisories/21900
- http://secunia.com/advisories/21904
- http://secunia.com/advisories/21908
- http://secunia.com/advisories/21924
- http://secunia.com/advisories/22080
- http://secunia.com/advisories/22141
- http://secunia.com/advisories/22332
- http://secunia.com/advisories/22560
- http://secunia.com/advisories/23033
- http://secunia.com/advisories/23899
- http://secunia.com/advisories/23907
- http://secunia.com/advisories/24636
- http://security.gentoo.org/glsa/glsa-200609-07.xml
- http://securitytracker.com/id?1016828
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1
- http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm
- http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm
- http://www.debian.org/security/2006/dsa-1193
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:164
- http://www.novell.com/linux/security/advisories/2006_23_sr.html
- http://www.redhat.com/support/errata/RHSA-2006-0665.html
- http://www.redhat.com/support/errata/RHSA-2006-0666.html
- http://www.securityfocus.com/archive/1/445812/100/0/threaded
- http://www.securityfocus.com/archive/1/464268/100/0/threaded
- http://www.securityfocus.com/bid/19974
- http://www.ubuntu.com/usn/usn-344-1
- http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
- http://www.vupen.com/english/advisories/2006/3581
- http://www.vupen.com/english/advisories/2006/3582
- http://www.vupen.com/english/advisories/2007/0322
- http://www.vupen.com/english/advisories/2007/1171
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28890
- https://issues.rpath.com/browse/RPL-614
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime