Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
X.Org libXfont 整数溢出漏洞
Vulnerability Description
X.Org是X.Org基金会运作的一个对X Window系统的官方参考实现,是开源的自由软件。libXfont是一个用于服务器和实用程序的X字体处理库。 X.Org libXfont 1.4.7及之前版本和1.4.99.901之前的1.4.9x版本中的‘FontFileAddEntry’和‘lexAlias’函数存在整数溢出漏洞,该漏洞源于程序没有正确处理字体元数据文件的解析。本地攻击者可利用该漏洞造成拒绝服务(崩溃)或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A