CVE-2007-1351

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501", "name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability", "tags": ["Patch"], "refsource": "IDEFENSE"}, {"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html", "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", "tags": [], "refsource": "MLIST"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html", "name": "RHSA-2007:0126", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.ubuntu.com/usn/usn-448-1", "name": "USN-448-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.securityfocus.com/bid/23283", "name": "23283", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1017857", "name": "1017857", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/24741", "name": "24741", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24756", "name": "24756", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24770", "name": "24770", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://issues.foresightlinux.org/browse/FL-223", "name": "http://issues.foresightlinux.org/browse/FL-223", "tags": [], "refsource": "CONFIRM"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=498954", "name": "http://sourceforge.net/project/shownotes.php?release_id=498954", "tags": [], "refsource": "CONFIRM"}, {"url": "https://issues.rpath.com/browse/RPL-1213", "name": "https://issues.rpath.com/browse/RPL-1213", "tags": [], "refsource": "CONFIRM"}, {"url": "http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954", "name": "http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954", "tags": [], "refsource": "CONFIRM"}, {"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html", "name": "RHSA-2007:0125", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html", "name": "RHSA-2007:0132", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/24745", "name": "24745", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24758", "name": "24758", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24765", "name": "24765", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24768", "name": "24768", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24771", "name": "24771", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24772", "name": "24772", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24776", "name": "24776", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24791", "name": "24791", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html", "name": "RHSA-2007:0150", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/23402", "name": "23402", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/24885", "name": "24885", "tags": [], "refsource": "SECUNIA"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733", "name": "SSA:2007-109-01", "tags": [], "refsource": "SLACKWARE"}, {"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html", "name": "SUSE-SR:2007:006", "tags": [], "refsource": "SUSE"}, {"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html", "name": "SUSE-SA:2007:027", "tags": [], "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/24889", "name": "24889", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/25004", "name": "25004", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24921", "name": "24921", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/24996", "name": "24996", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.openbsd.org/errata39.html#021_xorg", "name": "[3.9] 021: SECURITY FIX: April 4, 2007", "tags": [], "refsource": "OPENBSD"}, {"url": "http://www.openbsd.org/errata40.html#011_xorg", "name": "[4.0] 011: SECURITY FIX: April 4, 2007", "tags": [], "refsource": "OPENBSD"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1", "name": "102886", "tags": [], "refsource": "SUNALERT"}, {"url": "http://www.securityfocus.com/bid/23300", "name": "23300", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/25006", "name": "25006", "tags": [], "refsource": "SECUNIA"}, {"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml", "name": "GLSA-200705-02", "tags": [], "refsource": "GENTOO"}, {"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml", "name": "GLSA-200705-10", "tags": [], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/25096", "name": "25096", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/25195", "name": "25195", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/25216", "name": "25216", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html", "name": "APPLE-SA-2007-11-14", "tags": [], "refsource": "APPLE"}, {"url": "http://www.debian.org/security/2007/dsa-1294", "name": "DSA-1294", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079", "name": "MDKSA-2007:079", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080", "name": "MDKSA-2007:080", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081", "name": "MDKSA-2007:081", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://secunia.com/advisories/25305", "name": "25305", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/25495", "name": "25495", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2008/dsa-1454", "name": "DSA-1454", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/28333", "name": "28333", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml", "name": "GLSA-200805-07", "tags": [], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/30161", "name": "30161", "tags": [], "refsource": "SECUNIA"}, {"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html", "name": "APPLE-SA-2009-02-12", "tags": [], "refsource": "APPLE"}, {"url": "http://secunia.com/advisories/33937", "name": "33937", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.apple.com/kb/HT3438", "name": "http://support.apple.com/kb/HT3438", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.vupen.com/english/advisories/2007/1548", "name": "ADV-2007-1548", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/1217", "name": "ADV-2007-1217", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/1264", "name": "ADV-2007-1264", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.trustix.org/errata/2007/0013/", "name": "2007-0013", "tags": [], "refsource": "TRUSTIX"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417", "name": "xorg-bdf-font-bo(33417)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810", "name": "oval:org.mitre.oval:def:1810", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266", "name": "oval:org.mitre.oval:def:11266", "tags": [], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded", "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded", "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-189"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-1351", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 8.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-04-06T01:19Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-16T16:38Z"}