CVE-2007-1351
Summary
| CVE | CVE-2007-1351 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-04-06 01:19:00 UTC |
| Updated | 2018-10-16 16:38:00 UTC |
| Description | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. |
Risk And Classification
Problem Types: CWE-189
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Mandrakesoft | Mandrake Linux | 2007 | All | All | All |
| Operating System | Mandrakesoft | Mandrake Linux | 2007 | All | x86_64 | All |
| Operating System | Mandrakesoft | Mandrake Linux Corporate Server | 3.0 | All | All | All |
| Operating System | Mandrakesoft | Mandrake Linux Corporate Server | 3.0 | All | x86_64 | All |
| Operating System | Mandrakesoft | Mandrake Linux Corporate Server | 4.0 | All | All | All |
| Operating System | Mandrakesoft | Mandrake Linux Corporate Server | 4.0 | All | x86_64 | All |
| Application | Mandrakesoft | Mandrake Multi Network Firewall | 2.0 | All | All | All |
| Operating System | Openbsd | Openbsd | 3.9 | All | All | All |
| Operating System | Openbsd | Openbsd | 4.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 2.1 | All | advanced_server | All |
| Operating System | Redhat | Enterprise Linux | 2.1 | All | advanced_server_ia64 | All |
| Operating System | Redhat | Enterprise Linux | 2.1 | All | enterprise_server | All |
| Operating System | Redhat | Enterprise Linux | 2.1 | All | enterprise_server_ia64 | All |
| Operating System | Redhat | Enterprise Linux | 2.1 | All | workstation | All |
| Operating System | Redhat | Enterprise Linux | 2.1 | All | workstation_ia64 | All |
| Operating System | Redhat | Enterprise Linux | 3.0 | All | advanced_servers | All |
| Operating System | Redhat | Enterprise Linux | 3.0 | All | enterprise_server | All |
| Operating System | Redhat | Enterprise Linux | 3.0 | All | workstation | All |
| Operating System | Redhat | Enterprise Linux | 4.0 | All | advanced_server | All |
| Operating System | Redhat | Enterprise Linux | 4.0 | All | enterprise_server | All |
| Operating System | Redhat | Enterprise Linux | 4.0 | All | workstation | All |
| Operating System | Redhat | Enterprise Linux | 5.0 | All | desktop | All |
| Operating System | Redhat | Enterprise Linux | 5.0 | All | desktop_workstation | All |
| Operating System | Redhat | Enterprise Linux | 5.0 | All | server | All |
| Operating System | Redhat | Enterprise Linux Desktop | 3.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 4.0 | All | All | All |
| Operating System | Redhat | Linux Advanced Workstation | 2.1 | All | ia64 | All |
| Operating System | Redhat | Linux Advanced Workstation | 2.1 | All | itanium | All |
| Operating System | Rpath | Rpath Linux | 1 | All | All | All |
| Operating System | Ubuntu | Ubuntu Linux | 5.10 | All | amd64 | All |
| Operating System | Ubuntu | Ubuntu Linux | 5.10 | All | i386 | All |
| Operating System | Ubuntu | Ubuntu Linux | 5.10 | All | powerpc | All |
| Operating System | Ubuntu | Ubuntu Linux | 5.10 | All | sparc | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.06_lts | All | amd64 | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.06_lts | All | i386 | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.06_lts | All | powerpc | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.06_lts | All | sparc | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.10 | All | amd64 | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.10 | All | i386 | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.10 | All | powerpc | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.10 | All | sparc | All |
| Application | X.org | Libxfont | 1.2.2 | All | All | All |
| Application | Xfree86 Project | X11r6 | 4.3.0 | All | All | All |
| Application | Xfree86 Project | X11r6 | 4.3.0.1 | All | All | All |
| Application | Xfree86 Project | X11r6 | 4.3.0.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability | IDEFENSE | labs.idefense.com | Patch |
| rhn.redhat.com - Red Hat Support | REDHAT | www.redhat.com | |
| APPLE-SA-2007-11-14 Safari 3 Beta Update 3.0.4 (Windows) | APPLE | lists.apple.com | |
| Webmail - OVH | VUPEN | www.vupen.com | |
| OpenBSD 4.0 errata | OPENBSD | www.openbsd.org | |
| USN-448-1: X.org vulnerabilities - Ubuntu | UBUNTU | www.ubuntu.com | |
| APPLE-SA-2009-02-12 Security Update 2009-001 | APPLE | lists.apple.com | |
| OpenBSD 3.9 errata | OPENBSD | www.openbsd.org | |
| Debian -- Security Information -- DSA-1294-1 xfree86 | DEBIAN | www.debian.org | |
| Sun Solaris X11 Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| ImageMagick XGetPixel/XInitImage Multiple Integer Overflow Vulnerabilities | BID | www.securityfocus.com | |
| Ubuntu update for freetype, libxfont, xorg, and xorg-server - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Gentoo Linux Documentation -- LibXfont, TightVNC: Multiple vulnerabilities | GENTOO | security.gentoo.org | |
| [ANNOUNCE] various integer overflow vulnerabilites in xserver, libX11 and libXfont | MLIST | lists.freedesktop.org | |
| Red Hat update for XFree86 - Advisories - Secunia | SECUNIA | secunia.com | |
| FreeType BDF Font Integer Overflow Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Support | REDHAT | www.redhat.com | |
| X.Org LibXFont Multiple Local Integer Overflow Vulnerabilities | BID | www.securityfocus.com | Patch |
| Webmail - OVH | VUPEN | www.vupen.com | |
| Webmail - OVH | VUPEN | www.vupen.com | |
| Support | REDHAT | www.redhat.com | |
| Debian update for xfree86 - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| Red Hat update for freetype - Advisories - Secunia | SECUNIA | secunia.com | |
| Page not found - SourceForge.net | CONFIRM | sourceforge.net | |
| Debian update for freetype - Advisories - Secunia | SECUNIA | secunia.com | |
| issues.foresightlinux.org/browse/FL-223 | CONFIRM | issues.foresightlinux.org | |
| Security Announcement | SUSE | www.novell.com | |
| Linux Terminal Server Project: Multiple vulnerabilities — Gentoo Linux Documentation | GENTOO | www.gentoo.org | |
| Mandriva update for xorg-x11 - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| Slackware update for freetype - Advisories - Secunia | SECUNIA | secunia.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Support / Security / Advisories / MDKSA-2007:079 - Mandriva | MANDRIVA | www.mandriva.com | |
| Security Announcement | SUSE | www.novell.com | |
| issues.rpath.com/browse/RPL-1213 | CONFIRM | issues.rpath.com | |
| Support / Security / Advisories / MDKSA-2007:080 - Mandriva | MANDRIVA | www.mandriva.com | |
| rhn.redhat.com - Red Hat Support | REDHAT | rhn.redhat.com | |
| Avaya Products FreeType BDF Font Integer Overflow Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Advisories - Mandriva Linux | MANDRIVA | www.mandriva.com | |
| SourceForge.net: Files | CONFIRM | sourceforge.net | |
| Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Secunia Advisories - Vulnerability Information - Secunia.com | SECUNIA | secunia.com | |
| ASA-2007-178 (SUN 102886) | CONFIRM | support.avaya.com | |
| RETIRED: Freetype Font Files Integer Overflow Vulnerability | BID | www.securityfocus.com | |
| Gentoo Linux Documentation -- FreeType: User-assisted execution of arbitrary code | GENTOO | security.gentoo.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| X.Org X11 Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| ASA-2007-193 (RHSA-2007-0150) | CONFIRM | support.avaya.com | |
| Mandriva update for freetype2 - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| XFree86 Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| SUSE update for XFree86 and Xorg - Advisories - Secunia | SECUNIA | secunia.com | |
| SUSE Update for Multiple Packages - Advisories - Secunia | SECUNIA | secunia.com | |
| #102886: Multiple vulnerabilities in libfreetype, Xsun(1) and Xorg(1) | SUNALERT | sunsolve.sun.com | |
| Debian -- Security Information -- DSA-1454-1 freetype | DEBIAN | www.debian.org | |
| Mandriva update for tightvnc - Advisories - Secunia | SECUNIA | secunia.com | |
| The Slackware Linux Project: Slackware Security Advisories | SLACKWARE | slackware.com | |
| Gentoo update for libXfont and tightvnc - Advisories - Secunia | SECUNIA | secunia.com | |
| Red Hat update for xorg-x11 - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| 2007-0013 | TRUSTIX | www.trustix.org | |
| OpenBSD update for X.Org - Advisories - Secunia | SECUNIA | secunia.com | |
| Gentoo ltsp Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| rPath update for freetype, xorg-x11, xorg-x11-fonts, xorg-x11-tools, and xorg-x11-xfs - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| About the security content of Security Update 2009-001 | CONFIRM | support.apple.com | |
| Gentoo update for freetype - Advisories - Secunia | SECUNIA | secunia.com | |
| Avaya CMS / IR X.Org X11 Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| SecurityTracker.com Archives - X11 Overflows Let Local Users Gain Root Privileges | SECTRACK | www.securitytracker.com | |
| Trustix update for freetype and clamav - Advisories - Secunia | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.