SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#203220

X.Org PCF font parser buffer overflow

Overview

A vulnerability in the X.Org server could allow a remote attacker to execute arbitrary code on an affected system.

I. Description

The X.Org project provides an open source implementation of the X Window System. The server supports bitmapped fonts in various formats, including Portable Compiled Font (PCF) format. A flaw exists in the handling of PCF fonts where the difference between lastCol and firstCol in the PCF_BDF_ENCODINGS table is greater than 255. An attacker with the ability to cause the X server to open a specially crafted PCF font file could cause a buffer overflow in the X server.

II. Impact

A remote attacker with an established, authenticated connection to the X server could execute arbitrary code with the privileges of the X server or cause the server to crash.

III. Solution

Upgrade or apply a patch from the vendor

Patches and updated versions of the software have been released to address this issue. Please see the Systems Affected section of this document for more information.

Users who compile their X.Org system from the original source distribution should review the X.Org security advisory of January 17th, 2008

Systems Affected

VendorStatusDate NotifiedDate Updated
Fedora ProjectVulnerable19-Mar-2008
Gentoo LinuxVulnerable19-Mar-2008
Mandriva, Inc.Vulnerable19-Mar-2008
OpenBSDVulnerable19-Mar-2008
Red Hat, Inc.Vulnerable19-Mar-2008
SUSE LinuxVulnerable19-Mar-2008
UbuntuVulnerable19-Mar-2008
X.org FoundationVulnerable5-Mar-2008

References


http://lists.freedesktop.org/archives/xorg/2008-January/031918.html

Credit

Thanks to Takuya Shiozaki working through JPCERT/CC for reporting this vulnerability.

This document was written by Chad R Dougherty.

Other Information

Date Public:2008-01-17
Date First Published:2008-03-19
Date Last Updated:2008-03-19
CERT Advisory: 
CVE-ID(s):CVE-2008-0006
NVD-ID(s):CVE-2008-0006
US-CERT Technical Alerts: 
Metric:11.54
Document Revision:9

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader