FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-0006

This CVE name corresponds to:

Entered Topic
2008-01-23 xorg -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-0006 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-0006
Phase Assigned(20071203)

Description

Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.

References

Source Reference
BUGTRAQ 20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
MLIST [xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=204362
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=428044
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-038.htm
CONFIRM https://issues.rpath.com/browse/RPL-2010
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-077.htm
CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
APPLE APPLE-SA-2008-03-18
FEDORA FEDORA-2008-0760
FEDORA FEDORA-2008-0794
FEDORA FEDORA-2008-0831
FEDORA FEDORA-2008-0891
GENTOO GLSA-200801-09
GENTOO GLSA-200804-05
GENTOO GLSA-200805-07
HP HPSBUX02381
HP SSRT080083
MANDRIVA MDVSA-2008:021
MANDRIVA MDVSA-2008:022
MANDRIVA MDVSA-2008:024
OPENBSD [4.1] 20080208 012: SECURITY FIX: February 8, 2008
OPENBSD [4.2] 20080208 006: SECURITY FIX: February 8, 2008
REDHAT RHSA-2008:0029
REDHAT RHSA-2008:0030
REDHAT RHSA-2008:0064
SUNALERT 103192
SUNALERT 201230
SUSE SUSE-SA:2008:003
SUSE SUSE-SR:2008:008
UBUNTU USN-571-1
CERT-VN VU#203220
JVN JVN#88935101
JVNDB JVNDB-2008-001043
BID 27336
BID 27352
OVAL oval:org.mitre.oval:def:10021
SECUNIA 32545
VUPEN ADV-2008-0179
VUPEN ADV-2008-0184
VUPEN ADV-2008-0497
VUPEN ADV-2008-0703
VUPEN ADV-2008-0924
SECTRACK 1019232
SECUNIA 28532
SECUNIA 28535
SECUNIA 28536
SECUNIA 28540
SECUNIA 28542
SECUNIA 28544
SECUNIA 28550
SECUNIA 28273
SECUNIA 28500
SECUNIA 28592
SECUNIA 28571
SECUNIA 28621
SECUNIA 28718
SECUNIA 28843
SECUNIA 28885
SECUNIA 28941
SECUNIA 29139
SECUNIA 29420
SECUNIA 29622
SECUNIA 29707
SECUNIA 30161
VUPEN ADV-2008-3000
XF xorg-pcffont-bo(39767)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.