FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4568

This CVE name corresponds to:

Entered Topic
2007-10-08 xfs -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-4568
Phase Assigned (20070828)

Description

Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.

References

Source Reference
IDEFENSE 20071002 Multiple Vendor X Font Server Multiple Vulnerabilities
BUGTRAQ 20071003 rPSA-2007-0205-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg-announce] 20071002 [ANNOUNCE] X.Org security advisory: multiple vulnerabilities in X font server
CONFIRM https://issues.rpath.com/browse/RPL-1756
CONFIRM http://bugs.freedesktop.org/show_bug.cgi?id=12298
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=194606
CONFIRM http://docs.info.apple.com/article.html?artnum=307430
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
APPLE APPLE-SA-2008-02-11
APPLE APPLE-SA-2008-03-18
DEBIAN DSA-1385
FEDORA FEDORA-2007-4263
GENTOO GLSA-200710-11
MANDRIVA MDKSA-2007:210
REDHAT RHSA-2008:0029
REDHAT RHSA-2008:0030
SUNALERT 103114
SUNALERT 200642
SUSE SUSE-SA:2007:054
CERT TA08-043B
BID 25898
OVAL oval:org.mitre.oval:def:10882
VUPEN ADV-2007-3337
VUPEN ADV-2007-3338
VUPEN ADV-2007-3467
VUPEN ADV-2008-0495
VUPEN ADV-2008-0924
SECTRACK 1018763
SECUNIA 27040
SECUNIA 27052
SECUNIA 27060
SECUNIA 27168
SECUNIA 27176
SECUNIA 27240
SECUNIA 27560
SECUNIA 27228
SECUNIA 28004
SECUNIA 28536
SECUNIA 28542
SECUNIA 28891
SECUNIA 29420
XF xfs-protocol-requests-bo(36919)