FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0084

This CVE name corresponds to:

Entered Topic
2005-06-01 linux_base -- vulnerabilities in Red Hat 7.1 libraries
2004-02-12 Buffer overflows in XFree86 servers

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0084 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0084
Phase Modified(20100819)

Description

Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.

References

Source Reference
BUGTRAQ 20040212 iDEFENSE Security Advisory 02.11.04: XFree86 Font Information File Buffer Overflow II
MISC http://www.idefense.com/application/poi/display?id=73
CONECTIVA CLA-2004:821
DEBIAN DSA-443
FEDORA FLSA:2314
REDHAT RHSA-2004:059
REDHAT RHSA-2004:060
REDHAT RHSA-2004:061
SLACKWARE SSA:2004-043
SUNALERT 57768
SUSE SuSE-SA:2004:006
MANDRAKE MDKSA-2004:012
CERT-VN VU#667502
BID 9652
OVAL oval:org.mitre.oval:def:807
OVAL oval:org.mitre.oval:def:831
OVAL oval:org.mitre.oval:def:10405
XF xfree86-copyisolatin1lLowered-bo(15200)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.