CVE-2007-1352

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

Published: Apr 6, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-1352
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.8
AV:A/AC:M/Au:S/C:N/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mandrakesoft / mandrake_multi_network_firewall	2.0	2.0.x
x.org / libxfont	1.2.2	1.2.2.x
redhat / enterprise_linux	2.1	2.1.x
redhat / enterprise_linux	4.0	4.0.x
redhat / enterprise_linux_desktop	3.0	3.0.x
redhat / linux_advanced_workstation	2.1	2.1.x
redhat / enterprise_linux	3.0	3.0.x
redhat / fedora_core	core_1.0	core_1.0.x
redhat / linux	9.0	9.0.x
redhat / enterprise_linux_desktop	5.0	5.0.x
redhat / enterprise_linux_desktop	4.0	4.0.x
slackware / slackware_linux	9.0	9.0.x
slackware / slackware_linux	9.1	9.1.x
slackware / slackware_linux	current	current.x
turbolinux / turbolinux_desktop	10.0	10.0.x
ubuntu / ubuntu_linux	6.10	6.10.x
ubuntu / ubuntu_linux	4.1	4.1.x
ubuntu / ubuntu_linux	5.10	5.10.x
ubuntu / ubuntu_linux	6.06_lts	6.06_lts.x
rpath / linux	1	1.x
openbsd / openbsd	3.9	3.9.x
openbsd / openbsd	4.0	4.0.x

Vulnerability Database

289,599

CVE-2007-1352