ID CVE-2015-1803
Summary The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
References
Vulnerable Configurations
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:x:libxfont:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:x:libxfont:1.5.0:*:*:*:*:*:*:*
CVSS
Base: 8.5 (as of 31-12-2016 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:S/C:C/I:C/A:C
redhat via4
advisories
rhsa
id RHSA-2015:1708
rpms
  • libXfont-0:1.4.5-5.el6_7
  • libXfont-0:1.4.7-3.ael7b_1
  • libXfont-0:1.4.7-3.el7_1
  • libXfont-debuginfo-0:1.4.5-5.el6_7
  • libXfont-debuginfo-0:1.4.7-3.ael7b_1
  • libXfont-debuginfo-0:1.4.7-3.el7_1
  • libXfont-devel-0:1.4.5-5.el6_7
  • libXfont-devel-0:1.4.7-3.ael7b_1
  • libXfont-devel-0:1.4.7-3.el7_1
refmap via4
bid 73280
confirm
debian DSA-3194
fedora
  • FEDORA-2015-4199
  • FEDORA-2015-4230
gentoo GLSA-201507-21
mandriva MDVSA-2015:145
misc http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/
sectrack 1031935
suse
  • SUSE-SU-2015:0674
  • SUSE-SU-2015:0702
  • openSUSE-SU-2015:0614
ubuntu USN-2536-1
Last major update 31-12-2016 - 02:59
Published 20-03-2015 - 14:59
Last modified 31-12-2016 - 02:59
Back to Top