Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2004:060
HistoryFeb 13, 2004 - 12:00 a.m.

(RHSA-2004:060) XFree86 security update

2004-02-1300:00:00
access.redhat.com
20

0.121 Low

EPSS

Percentile

95.4%

JSON

XFree86 is an implementation of the X Window System, providing the core
graphical user interface and video drivers.

iDefense discovered two buffer overflows in the parsing of the ‘font.alias’
file. A local attacker could exploit this vulnerability by creating a
carefully-crafted file and gaining root privileges.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2004-0083 and CAN-2004-0084 to these issues.

Additionally David Dawes discovered additional flaws in reading font files.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0106 to these issues.

All users of XFree86 are advised to upgrade to these erratum packages,
which contain a backported fix and are not vulnerable to these issues.

Red Hat would like to thank David Dawes from XFree86 for the patches and
notification of these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64xfree86-cyrillic-fonts< 4.1.0-56.ELXFree86-cyrillic-fonts-4.1.0-56.EL.ia64.rpm
RedHatanyi386xfree86-twm< 4.1.0-56.ELXFree86-twm-4.1.0-56.EL.i386.rpm
RedHatanyia64xfree86< 4.1.0-56.ELXFree86-4.1.0-56.EL.ia64.rpm
RedHatanyi386xfree86-doc< 4.1.0-56.ELXFree86-doc-4.1.0-56.EL.i386.rpm
RedHatanyi386xfree86-iso8859-15-100dpi-fonts< 4.1.0-56.ELXFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
RedHatanyi386xfree86-devel< 4.1.0-56.ELXFree86-devel-4.1.0-56.EL.i386.rpm
RedHatanyi386xfree86-xdm< 4.1.0-56.ELXFree86-xdm-4.1.0-56.EL.i386.rpm
RedHatanyi386xfree86-iso8859-9-75dpi-fonts< 4.1.0-56.ELXFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
RedHatanyi386xfree86-100dpi-fonts< 4.1.0-56.ELXFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
RedHatanyi386xfree86-xvfb< 4.1.0-56.ELXFree86-Xvfb-4.1.0-56.EL.i386.rpm
Rows per page:
1-10 of 391

Related

ubuntucve 3
nvd 3
slackware 1
openvas 12
cvelist 3
nessus 11
securityvulns 3
cve 3
redhat 1
freebsd 2
suse 1
osv 1
debian 1
cert 2
gentoo 1
ubuntucve
ubuntucve
CVE-2004-0106
2004-03-03 00:00:00
CVE-2004-0083
2004-03-03 00:00:00
CVE-2004-0084
2004-03-03 00:00:00
nvd
nvd
CVE-2004-0106
2004-03-03 05:00:00
CVE-2004-0083
2004-03-03 05:00:00
CVE-2004-0084
2004-03-03 05:00:00
slackware
slackware
XFree86 security update
2004-02-12 12:19:25
openvas
openvas
HP-UX Update for XFree86 HPSBUX01018
2009-05-05 00:00:00
FreeBSD Ports: XFree86-Server
2008-09-04 00:00:00
Slackware: Security Advisory (SSA:2004-043-02)
2012-09-10 00:00:00
cvelist
cvelist
CVE-2004-0084
2004-02-14 05:00:00
CVE-2004-0106
2004-02-16 05:00:00
CVE-2004-0083
2004-02-14 05:00:00
nessus
nessus
RHEL 3 : XFree86 (RHSA-2004:061)
2004-07-06 00:00:00
SuSE-SA:2004:006: xf86/XFree86
2004-07-25 00:00:00
RHEL 2.1 : XFree86 (RHSA-2004:060)
2004-07-06 00:00:00
securityvulns
securityvulns
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
2004-08-02 00:00:00
iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow
2004-02-11 00:00:00
cve
cve
CVE-2004-0083
2004-03-03 05:00:00
CVE-2004-0106
2004-03-03 05:00:00
CVE-2004-0084
2004-03-03 05:00:00
redhat
redhat
(RHSA-2004:061) XFree86 security update
2004-02-16 00:00:00
freebsd
freebsd
Buffer overflows in XFree86 servers
2004-02-10 00:00:00
linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-09-27 00:00:00
suse
suse
local privilege escalation in xf86/XFree86
2004-02-23 16:37:48
osv
osv
xfree86 - several vulnerabilities
2004-02-19 00:00:00
debian
debian
[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities
2004-02-20 06:58:37
cert
cert
XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file
2004-12-07 00:00:00
XFree86 vulnerable to buffer overflow via error in 'ReadFontAlias()' function
2004-12-07 00:00:00
gentoo
gentoo
XFree86 Font Information File Buffer Overflow
2004-02-11 00:00:00

0.121 Low

EPSS

Percentile

95.4%

JSON
Related for RHSA-2004:060
ubuntucve3nvd3slackware1openvas12cvelist3nessus11securityvulns3cve3redhat1freebsd2suse1osv1debian1cert2gentoo1