Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0581

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0581
Last Modified 10 Sep 2008 03:19:42
Published 18 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0581

Summary

X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access.

Vulnerable Systems

Application

  • Xfstt 1.2.1

  • Xfstt 1.4


References

DEBIAN - DSA-360

BUGTRAQ - 20030714 xfstt-1.4 vulnerability


Last Updated: 27 May 2016 10:37:58