Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.2
CVE Id CVE-2001-0955
Last Modified 05 Sep 2008 04:25:19
Published 22 Sep 2001 12:00:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0955

Summary

Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.

Vulnerable Systems

Application

  • Xfree86 Project X11r6 4.0

  • Xfree86 Project X11r6 4.0.1

  • Xfree86 Project X11r6 4.0.3


References

BID - 3657

XF - xfree86-xterm-title-bo(7683)

XF - xfree86-konqueror-bo(7673)

CONFIRM - http://www.xfree86.org/security/

CONFIRM - http://www.xfree86.org/4.2.0/RELNOTES2.html#2

BID - 3663

VULN-DEV - 20010922 XFree86 DOS / Buffer overflow local and remote.

BUGTRAQ - 20011207 Crashing X

MISC - http://cvsweb.xfree86.org/cvsweb/xc/programs/Xserver/fb/fbglyph.c

BUGTRAQ - 20011208 Re: Crashing X


Last Updated: 27 May 2016 10:36:28