FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0083

This CVE name corresponds to:

Entered Topic
2005-06-01 linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-02-12 Buffer overflows in XFree86 servers

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2004-0083
Phase Modified(20100819)

Description

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.

References

Source Reference
BUGTRAQ 20040210 iDEFENSE Security Advisory 02.10.04: XFree86 Font Information File Buffer Overflow
MISC http://www.idefense.com/application/poi/display?id=72
BUGTRAQ 20040211 XFree86 vulnerability exploit
CONFIRM http://www.xfree86.org/cvs/changes
CONECTIVA CLA-2004:821
DEBIAN DSA-443
FEDORA FLSA:2314
REDHAT RHSA-2004:059
REDHAT RHSA-2004:060
REDHAT RHSA-2004:061
SLACKWARE SSA:2004-043
SUNALERT 57768
SUSE SuSE-SA:2004:006
MANDRAKE MDKSA-2004:012
GENTOO GLSA-200402-02
CERT-VN VU#820006
BID 9636
OVAL oval:org.mitre.oval:def:806
OVAL oval:org.mitre.oval:def:830
OVAL oval:org.mitre.oval:def:9612
XF xfree86-fontalias-bo(15130)