[MBT] new ticket for pkg XFree86-Xserver "CAN-2003-0730: Buffer overflow in font libraries"
bugs at pld-linux.org
bugs at pld-linux.org
Mon Sep 29 16:58:23 CEST 2003
Date: 2003-09-29 16:58:21+02 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: CAN-2003-0730: Buffer overflow in font libraries
Ticket ID: #746
Ticket URL: http://bugs.pld-linux.org/?bug=746
Package: XFree86-Xserver-1:4.2.1-8
Distribution: PLD-1.0.main
Category: security problem
Current state: opened
Text:
Since Debian backported the fix to 4.1 (DSA-380-1)
the PLD-Version 4.2.1 is most likly vulnerable as well.
The current version is 4.2.1-11 btw (not -8 as indicated in the "Choose-Version"-Box).
CAN-Summary:
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
More information about the pld-bugs
mailing list