Unrated severity · NVD Advisory · Published Apr 6, 2007 · Updated Jun 16, 2026

CVE-2007-1351

Description

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

Affected products

42
  • cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • Xorg/X11r6 (3 versions)
    • cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*
  • Xorg/Libxfont (2 versions)
    • cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*
    • (no CPE) range: before 20070403
  • OpenBSD/OpenBSD (2 versions)
    • cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
    • cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* (+ 14 more)
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* (+ 1 more)
    • cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:* (+ 1 more)
    • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*
  • Ubuntu/Linux (12 versions)
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*
  • Range: <=2.3.2
