X.org » X Font Server : Security Vulnerabilities, CVEs, Published In 2007 (Overflow) CVSS score >= 5
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
90.52%
Published
2007-10-05
Updated
2023-02-13
1 vulnerabilities found