CVE-2007-1351 (CNNVD-200704-102)
HIGH
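Chinese title:
X.Org LibXFont multiple integer overflow vulnerabilities
English title:
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 2007040...
CVSS score:
8.5
Published:
2007-04-06 01:00:00
Vulnerability type:
Numeric errors
Status:
PUBLISHED
Data quality score:
0.30
Data version:
v3
Vulnerability description
Chinese description:
X.Org is the official reference implementation of the X Window System, operated by the X.Org Foundation; it is free, open-source software. The LibXFont library in X.Org has an integer overflow when parsing BDF fonts, which allows an attacker to cause a heap overflow via a crafted BDF font. In addition, the LibXFont library has an integer overflow when parsing the fonts.dir font information file: if crafted font information specifies more than 1,073,741,824 (2 to the 30th power) elements on its first line, a heap overflow can be triggered, leading to execution of arbitrary instructions.
English description: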
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
CWE type:
CWE-189
Tags:
(no data)
Affected products
| Vendor | Product | Version | Version range | Platform | CPE |
|---|---|---|---|---|---|
| ubuntu | ubuntu_linux | 5.10 | - | - | cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:* |
| ubuntu | ubuntu_linux | 6.06_lts | - | - | cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:* |
| ubuntu | ubuntu_linux | 6.10 | - | - | cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:* |
| x.org | libxfont | 1.2.2 | - | - | cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:* |
| xfree86_project | x11r6 | 4.3.0 | - | - | cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:* |
| xfree86_project | x11r6 | 4.3.0.1 | - | - | cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:* |
| xfree86_project | x11r6 | 4.3.0.2 | - | - | cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:* |
| rpath | rpath_linux | 1 | - | - | cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:* |
| redhat | enterprise_linux | 2.1 | - | - | cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* |
| redhat | enterprise_linux | 3.0 | - | - | cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:* |
| redhat | enterprise_linux | 4.0 | - | - | cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:* |
| redhat | enterprise_linux | 5.0 | - | - | cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:* |
| redhat | enterprise_linux_desktop | 3.0 | - | - | cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_desktop | 4.0 | - | - | cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* |
| redhat | linux_advanced_workstation | 2.1 | - | - | cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:* |
| openbsd | openbsd | 3.9 | - | - | cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:* |
| openbsd | openbsd | 4.0 | - | - | cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:* |
| mandrakesoft | mandrake_multi_network_firewall | 2.0 | - | - | cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* |
Solution
Chinese solution:
(no data)
English solution:
(no data)
Workaround:
(no data)
Reference links
| Reference | Type | Source |
|---|---|---|
| RHSA-2007:0150 | vendor-advisory | cve.org |
| 24745 | third-party-advisory | cve.org |
| 24921 | third-party-advisory | cve.org |
| oval:org.mitre.oval:def:1810 | vdb-entry | cve.org |
| 33937 | third-party-advisory | cve.org |
| 2007-0013 | vendor-advisory | cve.org |
| 24771 | third-party-advisory | cve.org |
| GLSA-200705-02 | vendor-advisory | cve.org |
| 24889 | third-party-advisory | cve.org |
| 24770 | third-party-advisory | cve.org |
| 25006 | third-party-advisory | cve.org |
| 24756 | third-party-advisory | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| 25495 | third-party-advisory | cve.org |
| 24996 | third-party-advisory | cve.org |
| 23283 | vdb-entry | cve.org |
| RHSA-2007:0126 | vendor-advisory | cve.org |
| 23300 | vdb-entry | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| GLSA-200705-10 | vendor-advisory | cve.org |
| USN-448-1 | vendor-advisory | cve.org |
| APPLE-SA-2009-02-12 | vendor-advisory | cve.org |
| MDKSA-2007:080 | vendor-advisory | cve.org |
| SSA:2007-109-01 | vendor-advisory | cve.org |
| SUSE-SR:2007:006 | vendor-advisory | cve.org |
| MDKSA-2007:081 | vendor-advisory | cve.org |
| DSA-1454 | vendor-advisory | cve.org |
| 24758 | third-party-advisory | cve.org |
| ADV-2007-1264 | vdb-entry | cve.org |
| 1017857 | vdb-entry | cve.org |
| 24885 | third-party-advisory | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| 25096 | third-party-advisory | cve.org |
| 25195 | third-party-advisory | cve.org |
| RHSA-2007:0125 | vendor-advisory | cve.org |
| 24741 | third-party-advisory | cve.org |
| APPLE-SA-2007-11-14 | vendor-advisory | cve.org |
| 24776 | third-party-advisory | cve.org |
| 28333 | third-party-advisory | cve.org |
| 24768 | third-party-advisory | cve.org |
| [xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont | mailing-list | cve.org |
| 24791 | third-party-advisory | cve.org |
| SUSE-SA:2007:027 | vendor-advisory | cve.org |
| 30161 | third-party-advisory | cve.org |
| GLSA-200805-07 | vendor-advisory | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| DSA-1294 | vendor-advisory | cve.org |
| 24765 | third-party-advisory | cve.org |
| 25216 | third-party-advisory | cve.org |
| 20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability | third-party-advisory | cve.org |
| 20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs | mailing-list | cve.org |
| 20070405 FLEA-2007-0009-1: xorg-x11 freetype | mailing-list | cve.org |
| ADV-2007-1548 | vdb-entry | cve.org |
| xorg-bdf-font-bo(33417) | vdb-entry | cve.org |
| 102886 | vendor-advisory | cve.org |
| ADV-2007-1217 | vdb-entry | cve.org |
| [4.0] 011: SECURITY FIX: April 4, 2007 | vendor-advisory | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| 23402 | vdb-entry | cve.org |
| 25004 | third-party-advisory | cve.org |
| 25305 | third-party-advisory | cve.org |
| oval:org.mitre.oval:def:11266 | vdb-entry | cve.org |
| RHSA-2007:0132 | vendor-advisory | cve.org |
| 24772 | third-party-advisory | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| [3.9] 021: SECURITY FIX: April 4, 2007 | vendor-advisory | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| MDKSA-2007:079 | vendor-advisory | cve.org |
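CVSS score details
8.5
HIGH
CVSS vector:
AV:N/AC:M/Au:S/C:C/I:C/A:C
CVSS version:
2.0
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Time information
Published:
2007-04-06 01:00:00
Modified:
2024-08-07 12:50:35
Created:
2025-11-11 15:32:42
Updated:
2025-11-11 15:49:16
Exploit information
No exploit code information available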
Data source details
| Data source | Record ID | Version | Extraction time |
|---|---|---|---|
| CVE | cve_CVE-2007-1351 | 2025-11-11 15:17:50 | 2025-11-11 07:32:42 |
| NVD | nvd_CVE-2007-1351 | 2025-11-11 14:52:10 | 2025-11-11 07:41:28 |
| CNNVD | cnnvd_CNNVD-200704-102 | 2025-11-11 15:08:56 | 2025-11-11 07:49:16 |
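Version and language
Current version:
v3
Primary language:
EN
Supported languages:
EN
ZH
Security advisories
No security advisory information available
Change history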
v3
CNNVD
2025-11-11 15:49:16
- vulnerability_type: not extracted -> Numeric errors
- cnnvd_id: not extracted -> CNNVD-200704-102
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:28
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: not extracted -> 8.5
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:S/C:C/I:C/A:C
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 18
- data_sources: ['cve'] -> ['cve', 'nvd']