Описание
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:2.0.1-3ubuntu1 |
| esm-infra-legacy/trusty | released | 1:1.4.7-1ubuntu0.3 |
| esm-infra/xenial | released | 1:1.5.1-1ubuntu0.16.04.3 |
| precise/esm | DNE | |
| trusty | released | 1:1.4.7-1ubuntu0.3 |
| trusty/esm | released | 1:1.4.7-1ubuntu0.3 |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1:1.5.1-1ubuntu0.16.04.3 |
| zesty | released | 1:2.0.1-3ubuntu0.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:1.5.2-4ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE | |
| zesty | released | 1:1.5.2-4ubuntu0.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | released | 1:2.0.1-3~ubuntu16.04.2 |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1:2.0.1-3~ubuntu16.04.2 |
| zesty | DNE |
Показывать по
EPSS
3.6 Low
CVSS2
7.1 High
CVSS3
Связанные уязвимости
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
In the pcfGetProperties function in bitmap/pcfread.c in libXfont throu ...
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
EPSS
3.6 Low
CVSS2
7.1 High
CVSS3