VYPR
Unrated severityNVD Advisory· Published Aug 18, 2003· Updated Jun 16, 2026

CVE-2003-0581

CVE-2003-0581

Description

X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Xfstt/Xfstt3 versions
    cpe:2.3:a:xfstt:xfstt:1.2.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:xfstt:xfstt:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xfstt:xfstt:1.4:*:*:*:*:*:*:*
    • (no CPE)range: =1.4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.