1. CVE-Search
  2. CVE-2004-0084
ID CVE-2004-0084
Summary Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
References
Vulnerable Configurations
  • cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*
  • cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2013-04-29T04:05:22.897-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
    family unix
    id oval:org.mitre.oval:def:10405
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
    version 29
  • accepted 2007-04-25T19:52:47.331-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
    family unix
    id oval:org.mitre.oval:def:807
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat XFree86 Buffer Overflow in ReadFontAlias II
    version 38
  • accepted 2007-04-25T19:52:57.831-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
    family unix
    id oval:org.mitre.oval:def:831
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title XFree86 Buffer Overflow in CopyISOLatin1Lowered Function
    version 37
redhat via4
advisories
  • rhsa
    id RHSA-2004:059
  • rhsa
    id RHSA-2004:060
  • rhsa
    id RHSA-2004:061
rpms
  • XFree86-0:4.3.0-55.EL
  • XFree86-100dpi-fonts-0:4.3.0-55.EL
  • XFree86-75dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-14-100dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-14-75dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-15-100dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-15-75dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-2-100dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-2-75dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-9-100dpi-fonts-0:4.3.0-55.EL
  • XFree86-ISO8859-9-75dpi-fonts-0:4.3.0-55.EL
  • XFree86-Mesa-libGL-0:4.3.0-55.EL
  • XFree86-Mesa-libGLU-0:4.3.0-55.EL
  • XFree86-Xnest-0:4.3.0-55.EL
  • XFree86-Xvfb-0:4.3.0-55.EL
  • XFree86-base-fonts-0:4.3.0-55.EL
  • XFree86-cyrillic-fonts-0:4.3.0-55.EL
  • XFree86-devel-0:4.3.0-55.EL
  • XFree86-doc-0:4.3.0-55.EL
  • XFree86-font-utils-0:4.3.0-55.EL
  • XFree86-libs-0:4.3.0-55.EL
  • XFree86-libs-data-0:4.3.0-55.EL
  • XFree86-syriac-fonts-0:4.3.0-55.EL
  • XFree86-tools-0:4.3.0-55.EL
  • XFree86-truetype-fonts-0:4.3.0-55.EL
  • XFree86-twm-0:4.3.0-55.EL
  • XFree86-xauth-0:4.3.0-55.EL
  • XFree86-xdm-0:4.3.0-55.EL
  • XFree86-xfs-0:4.3.0-55.EL
refmap via4
bid 9652
bugtraq 20040212 iDEFENSE Security Advisory 02.11.04: XFree86 Font Information File Buffer Overflow II
cert-vn VU#667502
conectiva CLA-2004:821
debian DSA-443
fedora FLSA:2314
mandrake MDKSA-2004:012
misc http://www.idefense.com/application/poi/display?id=73
slackware SSA:2004-043
sunalert 57768
suse SuSE-SA:2004:006
xf xfree86-copyisolatin1lLowered-bo(15200)
Last major update 11-10-2017 - 01:29
Published 03-03-2004 - 05:00
Last modified 11-10-2017 - 01:29
Back to Top