LOW · 3.8

CVE-2007-1352

Vulnerability Description

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

CVSS Score

Score: 3.8 (LOW)
Vector: AV:A/AC:M/Au:S/C:N/I:P/A:P
Confidentiality: NONE
Integrity: PARTIAL
Availability: PARTIAL

Affected Products

Vendor        Product                          Versions
Mandrakesoft  Mandrake Linux                   9.1
Mandrakesoft  Mandrake Linux Corporate Server  3.0
Mandrakesoft  Mandrake Multi Network Firewall  2.0
X.Org         Libxfont                         1.2.2
Redhat        Enterprise Linux                 2.1
Redhat        Enterprise Linux Desktop         3.0
Redhat        Fedora Core                      core_1.0
Redhat        Linux                            9.0
Redhat        Linux Advanced Workstation       2.1
Slackware     Slackware Linux                  9.0
Turbolinux    Turbolinux Desktop               10.0
Ubuntu        Ubuntu Linux                     4.1
Rpath         Linux                            1
Openbsd       Openbsd                          3.9

References

FAQ

What is CVE-2007-1352?

CVE-2007-1352 is a vulnerability with a CVSS score of 3.8 (LOW). Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

How severe is CVE-2007-1352?

CVE-2007-1352 has been rated LOW with a CVSS base score of 3.8/10. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2007-1352?

Check the references section above for vendor advisories and patch information. Affected products include: Mandrakesoft Mandrake Linux, Mandrakesoft Mandrake Linux Corporate Server, Mandrakesoft Mandrake Multi Network Firewall, X.Org Libxfont, Redhat Enterprise Linux.