XFree86 is an implementation of the X Window System, which provides the
core functionality for the Linux graphical desktop.
iDefense reported two integer overflow flaws in the way the XFree86 server
processed CID font files. A malicious authorized client could exploit this
issue to cause a denial of service (crash) or potentially execute arbitrary
code with root privileges on the XFree86 server. (CVE-2006-3739,
CVE-2006-3740)
Users of XFree86 should upgrade to these updated packages, which contain a
backported patch and is not vulnerable to this issue.