Total vulnerabilities in the database
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
| Software | From | Fixed in |
|---|---|---|
| x / libxfont | - | 1.4.8.x |
| x / libxfont | 1.5.0 | 1.5.0.x |