VYPR

rpm package

suse/libXfont&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

pkg:rpm/suse/libXfont&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Vulnerabilities (2)

  • CVE-2017-13722HigOct 11, 2017
    affected < 1.5.1-11.3.12fixed 1.5.1-11.3.12

    In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server

  • CVE-2017-13720HigOct 11, 2017
    affected < 1.5.1-11.3.12fixed 1.5.1-11.3.12

    In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occu