VYPR
Unrated severity · NVD Advisory · Published Apr 6, 2007 · Updated Apr 23, 2026

CVE-2007-1351

Description

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

Affected products (39)

  • cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • Xorg/X11r6 3 versions
    • cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*
  • OpenBSD/OpenBSD 2 versions
    • cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
    • cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*
  • redhat/enterprise_linux 15 versions
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*
  • redhat/enterprise_linux_desktop 2 versions
    • cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
  • redhat/linux_advanced_workstation 2 versions
    • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*
  • Ubuntu/Linux 12 versions
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*
    • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*
