X : Security Vulnerabilities, CVEs, Published In 2015 (Denial of service)
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
Max CVSS
8.5
EPSS Score
1.49%
Published
2015-03-20
Updated
2016-12-31
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.
Max CVSS
8.5
EPSS Score
1.50%
Published
2015-03-20
Updated
2016-12-31
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file.
Max CVSS
8.5
EPSS Score
1.37%
Published
2015-03-20
Updated
2016-12-22
3 vulnerabilities found