Unrated severityNVD Advisory· Published Sep 13, 2006· Updated Apr 16, 2026
CVE-2006-3739
CVE-2006-3739
Description
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
39- www.idefense.com/intelligence/vulnerabilities/display.phpnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0665.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0666.htmlnvdPatchVendor Advisory
- secunia.com/advisories/21864nvd
- secunia.com/advisories/21889nvd
- secunia.com/advisories/21890nvd
- secunia.com/advisories/21894nvd
- secunia.com/advisories/21900nvd
- secunia.com/advisories/21904nvd
- secunia.com/advisories/21908nvd
- secunia.com/advisories/21924nvd
- secunia.com/advisories/22080nvd
- secunia.com/advisories/22141nvd
- secunia.com/advisories/22332nvd
- secunia.com/advisories/22560nvd
- secunia.com/advisories/23033nvd
- secunia.com/advisories/23899nvd
- secunia.com/advisories/24636nvd
- security.gentoo.org/glsa/glsa-200609-07.xmlnvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2006-190.htmnvd
- support.avaya.com/elmodocs2/security/ASA-2006-191.htmnvd
- www.debian.org/security/2006/dsa-1193nvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_23_sr.htmlnvd
- www.securityfocus.com/archive/1/445812/100/0/threadednvd
- www.securityfocus.com/archive/1/464268/100/0/threadednvd
- www.securityfocus.com/bid/19974nvd
- www.ubuntu.com/usn/usn-344-1nvd
- www.vmware.com/support/esx25/doc/esx-254-200702-patch.htmlnvd
- www.vupen.com/english/advisories/2006/3581nvd
- www.vupen.com/english/advisories/2006/3582nvd
- www.vupen.com/english/advisories/2007/0322nvd
- www.vupen.com/english/advisories/2007/1171nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28899nvd
- issues.rpath.com/browse/RPL-614nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305nvd
News mentions
0No linked articles in our index yet.