Информационная безопасность
[RU] switch to English


Многочисленыне уязвимости безопасности в libXfont
Опубликовано:18 марта 2015 г.
Источник:
SecurityVulns ID:14324
Тип:библиотека
Уровень опасности:
6/10
Описание:Повреждения памяти при разборе bdf.
Затронутые продукты:LIBXFONT : libXfont 1.4
CVE:CVE-2015-1804 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.)
 CVE-2015-1803 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.)
 CVE-2015-1802 (The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file.)
Оригинальный текстdocumentUBUNTU, [USN-2536-1] libXfont vulnerabilities (18.03.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород