Home

CVE-2014-0210

Description

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.105

Associated Vulnerability

VulnerabilityOS Platform
X11 font rasterisation library (USN-2211-1) libxfont1_1.4.7-1ubuntu0.2_i386.debLinux
X11 font rasterisation library (USN-2211-1) libxfont1_1.4.7-1ubuntu0.2_amd64.debLinux
(RHSA-2014:1893) Important: libXfont security update libXfont-1.2.2-1.0.6.el5_11.i386.rpmLinux
(RHSA-2014:1893) Important: libXfont security update libXfont-1.2.2-1.0.6.el5_11.x86_64.rpmLinux
(RHSA-2014:1893) Important: libXfont security update libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpmLinux
(RHSA-2014:1893) Important: libXfont security update libXfont-devel-1.2.2-1.0.6.el5_11.x86_64.rpmLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0210)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234