rpm package
suse/libXfont&distro=SUSE Linux Enterprise Desktop 12 SP2
pkg:rpm/suse/libXfont&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-13722 | Hig | 7.1 | < 1.5.1-11.3.12 | 1.5.1-11.3.12 | Oct 11, 2017 | In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server | |
| CVE-2017-13720 | Hig | 7.1 | < 1.5.1-11.3.12 | 1.5.1-11.3.12 | Oct 11, 2017 | In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occu |
- affected < 1.5.1-11.3.12fixed 1.5.1-11.3.12
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server
- affected < 1.5.1-11.3.12fixed 1.5.1-11.3.12
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occu