X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.
iDefense reported two integer overflows in the way X.org handled various
font files. A malicious local user could exploit these issues to
potentially execute arbitrary code with the privileges of the X.org server.
(CVE-2007-1351, CVE-2007-1352)
Users of X.org libXfont should upgrade to these updated packages, which
contain a backported patch and are not vulnerable to this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | x86_64 | libxfont-devel | < 1.2.2-1.0.2.el5 | libXfont-devel-1.2.2-1.0.2.el5.x86_64.rpm |
RedHat | 5 | ppc64 | libxfont-devel | < 1.2.2-1.0.2.el5 | libXfont-devel-1.2.2-1.0.2.el5.ppc64.rpm |
RedHat | 5 | s390x | libxfont-devel | < 1.2.2-1.0.2.el5 | libXfont-devel-1.2.2-1.0.2.el5.s390x.rpm |
RedHat | 5 | src | libxfont | < 1.2.2-1.0.2.el5 | libXfont-1.2.2-1.0.2.el5.src.rpm |
RedHat | 5 | x86_64 | libxfont | < 1.2.2-1.0.2.el5 | libXfont-1.2.2-1.0.2.el5.x86_64.rpm |
RedHat | 5 | ia64 | libxfont | < 1.2.2-1.0.2.el5 | libXfont-1.2.2-1.0.2.el5.ia64.rpm |
RedHat | 5 | s390 | libxfont-devel | < 1.2.2-1.0.2.el5 | libXfont-devel-1.2.2-1.0.2.el5.s390.rpm |
RedHat | 5 | s390 | libxfont | < 1.2.2-1.0.2.el5 | libXfont-1.2.2-1.0.2.el5.s390.rpm |
RedHat | 5 | ia64 | libxfont-devel | < 1.2.2-1.0.2.el5 | libXfont-devel-1.2.2-1.0.2.el5.ia64.rpm |
RedHat | 5 | ppc64 | libxfont | < 1.2.2-1.0.2.el5 | libXfont-1.2.2-1.0.2.el5.ppc64.rpm |