Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-0006HistoryJan 18, 2008 - 11:00 p.m.
CVE-2008-0006
2008-01-1823:00:00
Debian Security Bug Tracker
security-tracker.debian.org
13
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.344 Low
EPSS
Percentile
97.1%
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 11 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 999 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 13 | all | libxfont | < 1:1.3.1-2 | libxfont_1:1.3.1-2_all.deb |
| Debian | 12 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 11 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 999 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
| Debian | 13 | all | xorg-server | < 2:1.4.1~git20080105-2 | xorg-server_2:1.4.1~git20080105-2_all.deb |
Related
nessus
nessus
Fedora 8 : libXfont-1.3.1-2.fc8 (2008-0794)
2008-01-27 00:00:00
Scientific Linux Security Update : libXfont on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : libXfont (RHSA-2008:0064)
2008-01-18 00:00:00
cert
cert
X.Org PCF font parser buffer overflow
2008-03-19 00:00:00
openvas
openvas
Fedora Update for libXfont FEDORA-2008-0891
2009-02-17 00:00:00
Mandriva Update for libxfont MDVSA-2008:024 (libxfont)
2009-04-09 00:00:00
Fedora Update for libXfont FEDORA-2008-0891
2009-02-17 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:21:00
oraclelinux
oraclelinux
Important: libXfont security update
2008-01-17 00:00:00
Important: XFree86 security update
2008-01-18 00:00:00
Important: xorg-x11 security update
2008-01-17 00:00:00
checkpoint_advisories
checkpoint_advisories
X.Org X Server PCF Font Parser Buffer Overflow (CVE-2008-0006)
2010-02-25 00:00:00
nvd
nvd
CVE-2008-0006
2008-01-18 23:00:00
cve
cve
CVE-2008-0006
2008-01-18 23:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: libXfont-1.2.9-3.fc7
2008-01-22 15:59:35
[SECURITY] Fedora 8 Update: libXfont-1.3.1-2.fc8
2008-01-22 15:40:24
[SECURITY] Fedora 8 Update: xorg-x11-server-1.3.0.0-39.fc8
2008-01-22 15:32:21
centos
centos
libXfont security update
2008-01-18 23:25:10
XFree86 security update
2008-01-20 22:56:55
XFree86 security update
2008-01-18 15:04:04
prion
prion
Buffer overflow
2008-01-18 23:00:00
cvelist
cvelist
CVE-2008-0006
2008-01-18 22:00:00
redhat
redhat
(RHSA-2008:0064) Important: libXfont security update
2008-01-17 00:00:00
(RHSA-2008:0029) Important: XFree86 security update
2008-01-18 00:00:00
(RHSA-2008:0030) Important: xorg-x11 security update
2008-01-17 00:00:00
jvn
jvn
JVN#88935101: X.Org Foundation X server buffer overflow vulnerability
2008-06-10 00:00:00
ubuntucve
ubuntucve
CVE-2008-0006
2008-01-18 00:00:00
altlinux
altlinux
freebsd
freebsd
xorg -- multiple vulnerabilities
2008-01-18 00:00:00
ubuntu
ubuntu
X.org regression
2008-01-19 00:00:00
X.org vulnerabilities
2008-01-18 00:00:00
suse
suse
remote code execution in Xorg and XFree
2008-01-17 15:28:59
debian
debian
[SECURITY] [DSA 1466-3] New xfree86 packages fix regression
2008-01-21 18:53:21
[SECURITY] [DSA 1466-2] New xorg-server packages fix regression
2008-01-19 13:10:16
securityvulns
securityvulns
XFree86 / X.Org / NX multiple security vulnerabilities
2008-04-08 00:00:00
[USN-571-1] X.org vulnerabilities
2008-01-20 00:00:00
gentoo
gentoo
X.Org X server and Xfont library: Multiple vulnerabilities
2008-01-20 00:00:00
osv
osv
libxfont xfree86 xorg-server - several vulnerabilities
2008-01-21 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.344 Low
EPSS
Percentile
97.1%
Related for DEBIANCVE:CVE-2008-0006