Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0083

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0083
Last Modified 21 Aug 2010 12:19:32
Published 03 Mar 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0083

Summary

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.

Vulnerable Systems

Operating System

  • Openbsd 3.3

  • Openbsd 3.4

Application

  • Xfree86 Project X11r6 4.1.0

  • Xfree86 Project X11r6 4.1.11

  • Xfree86 Project X11r6 4.1.12

  • Xfree86 Project X11r6 4.2.0

  • Xfree86 Project X11r6 4.2.1

  • Xfree86 Project X11r6 4.3.0


References

CERT-VN - VU#820006

BID - 9636

BUGTRAQ - 20040210 iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow

XF - xfree86-fontalias-bo(15130)

CONFIRM - http://www.xfree86.org/cvs/changes

REDHAT - RHSA-2004:061

REDHAT - RHSA-2004:060

REDHAT - RHSA-2004:059

SUSE - SuSE-SA:2004:006

MISC - http://www.idefense.com/application/poi/display?id=72

DEBIAN - DSA-443

GENTOO - GLSA-200402-02

SLACKWARE - SSA:2004-043

MANDRAKE - MDKSA-2004:012

SUNALERT - 57768

FEDORA - FLSA:2314

BUGTRAQ - 20040211 XFree86 vulnerability exploit

CONECTIVA - CLA-2004:821


Last Updated: 27 May 2016 10:38:28