Integer Overflow Vulnerability in X.Org libXfont and Freetype
CVE-2007-1351

Currently unrated

Key Information:

Vendor

Ubuntu

Status
Ubuntu Linux
Vendor
CVE Published:
6 April 2007

What is CVE-2007-1351?

The integer overflow vulnerability exists in the bdfReadCharacters function in bdfread.c, impacting X.Org libXfont and Freetype. This flaw allows remote authenticated users to execute arbitrary code through specially crafted BDF font files, which can lead to a heap overflow, compromising system integrity and potentially enabling unauthorized access.

References

http://www.redhat.com/support/errata/RHSA-2007-0150.html
vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/24745
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/24921
third-party-advisoryx_refsource_SECUNIA

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.