CVE-2006-3740 Information
Description
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange (b) cidrange and (c) notdefrange sections.
Reference
http://secunia.com/advisories/21864 http://secunia.com/advisories/21889 http://secunia.com/advisories/21890 http://secunia.com/advisories/21894 http://secunia.com/advisories/21900 http://secunia.com/advisories/21904 http://secunia.com/advisories/21908 http://secunia.com/advisories/21924 http://secunia.com/advisories/22080 http://secunia.com/advisories/22141 http://secunia.com/advisories/22332 http://secunia.com/advisories/22560 http://secunia.com/advisories/23033 http://secunia.com/advisories/23899 http://secunia.com/advisories/23907 http://secunia.com/advisories/24636 http://security.gentoo.org/glsa/glsa-200609-07.xml http://securitytracker.com/id?1016828 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1 http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm http://www.debian.org/security/2006/dsa-1193 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 http://www.mandriva.com/security/advisories?name=MDKSA-2006:164 http://www.novell.com/linux/security/advisories/2006_23_sr.html http://www.redhat.com/support/errata/RHSA-2006-0665.html http://www.redhat.com/support/errata/RHSA-2006-0666.html http://www.securityfocus.com/archive/1/445812/100/0/threaded http://www.securityfocus.com/archive/1/464268/100/0/threaded http://www.securityfocus.com/bid/19974 http://www.ubuntu.com/usn/usn-344-1 http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html http://www.vupen.com/english/advisories/2006/3581 http://www.vupen.com/english/advisories/2006/3582 http://www.vupen.com/english/advisories/2007/0322 http://www.vupen.com/english/advisories/2007/1171 https://exchange.xforce.ibmcloud.com/vulnerabilities/28890 https://issues.rpath.com/browse/RPL-614 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9454
Share on: