ALT-PU-2015-1310-1
Closed vulnerabilities
Published: 2015-03-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-1803
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.
Severity: HIGH (8.5)
References:
- http://advisories.mageia.org/MGASA-2015-0113.html
- http://advisories.mageia.org/MGASA-2015-0113.html
- FEDORA-2015-4199
- FEDORA-2015-4199
- FEDORA-2015-4230
- FEDORA-2015-4230
- openSUSE-SU-2015:0614
- openSUSE-SU-2015:0614
- SUSE-SU-2015:0674
- SUSE-SU-2015:0674
- SUSE-SU-2015:0702
- SUSE-SU-2015:0702
- RHSA-2015:1708
- RHSA-2015:1708
- DSA-3194
- DSA-3194
- MDVSA-2015:145
- MDVSA-2015:145
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- 73280
- 73280
- 1031935
- 1031935
- USN-2536-1
- USN-2536-1
- http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/
- http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/
- GLSA-201507-21
- GLSA-201507-21