BID:12657

DNA MKBold-MKItalic Remote Format String Vulnerability

Info

DNA MKBold-MKItalic Remote Format String Vulnerability

Bugtraq ID:	12657
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 25 2005 12:00AM
Updated:	Feb 25 2005 12:00AM
Credit:	The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue.
Vulnerable:	DNA mkbold-mkitalic 0.6 DNA mkbold-mkitalic 0.5 DNA mkbold-mkitalic 0.4 DNA mkbold-mkitalic 0.3 DNA mkbold-mkitalic 0.2 DNA mkbold-mkitalic 0.1

Not Vulnerable:	DNA mkbold-mkitalic 0.8 DNA mkbold-mkitalic 0.7

Discussion

DNA MKBold-MKItalic Remote Format String Vulnerability

A remote, client-side format string vulnerability reportedly affects DNA mkbold-mkitalic. This issue is due to a failure of the application to securely implement a formatted printing function.

An attacker may leverage this issue to have arbitrary code executed with the privileges of an unsuspecting user that processes a malicious BDF format font file.

Exploit / POC

DNA MKBold-MKItalic Remote Format String Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

DNA MKBold-MKItalic Remote Format String Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

DNA mkbold-mkitalic 0.1

DNA mkbold-mkitalic 0.8
http://hp.vector.co.jp/authors/VA013651/lib/mkbold-mkitalic-0.08.tar.b z2

DNA mkbold-mkitalic 0.2

DNA mkbold-mkitalic 0.8
http://hp.vector.co.jp/authors/VA013651/lib/mkbold-mkitalic-0.08.tar.b z2

DNA mkbold-mkitalic 0.3

DNA mkbold-mkitalic 0.8
http://hp.vector.co.jp/authors/VA013651/lib/mkbold-mkitalic-0.08.tar.b z2

DNA mkbold-mkitalic 0.4

DNA mkbold-mkitalic 0.8
http://hp.vector.co.jp/authors/VA013651/lib/mkbold-mkitalic-0.08.tar.b z2

DNA mkbold-mkitalic 0.5

DNA mkbold-mkitalic 0.8
http://hp.vector.co.jp/authors/VA013651/lib/mkbold-mkitalic-0.08.tar.b z2

DNA mkbold-mkitalic 0.6

DNA mkbold-mkitalic 0.8
http://hp.vector.co.jp/authors/VA013651/lib/mkbold-mkitalic-0.08.tar.b z2

References

DNA MKBold-MKItalic Remote Format String Vulnerability

References:

mkbold-mkitalic Home Page (DNA)