CVE-2004-0083

Severity

99%

Complexity

99%

Confidentiality

165%

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

OpenBSD

First reported 20 years ago

2004-03-03 05:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

OpenBSD 3.3

3.3

OpenBSD 3.4

3.4

References

CLA-2004:821

20040210 iDEFENSESecurityAdvisory02.10.04: XFree86FontInformationFileBufferOverflow

20040211 XFree86 vulnerability exploit

FLSA:2314

GLSA-200402-02

Vendor Advisory

57768

DSA-443

http://www.idefense.com/application/poi/display?id=72

VU#820006

US Government Resource

MDKSA-2004:012

SuSE-SA:2004:006

RHSA-2004:059

RHSA-2004:060

RHSA-2004:061

9636

Exploit, Patch, Vendor Advisory

SSA:2004-043

http://www.xfree86.org/cvs/changes

Vendor Advisory

xfree86-fontalias-bo(15130)

oval:org.mitre.oval:def:806

oval:org.mitre.oval:def:830

oval:org.mitre.oval:def:9612

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.