The Third Party Vulnerability Resolution Blog covers CVEs and patches in the Systems product suite.

Sun Alert 102714 Security Vulnerability With Integer Multiplication Within libXfont Affects Solaris X11 Servers

Guest Author
Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

The Xsun(1) server and Xorg(1) server are the X display servers for Version 11 of the X window system on Solaris.

An integer multiplication within the libXfont library, as used by the X11 display servers, can overflow and cause a heap overflow while fonts are being loaded. This may allow a local unprivileged user to execute arbitrary commands with elevated privileges or to cause a Denial of Service (DoS) of the display managers.
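The class of defect described above, as an added C illustration that is not code from libXfont or from this Sun Alert: a size computed as count times record size wraps around, and a division-based check rejects the count before anything is allocated. The `glyph_metric` record, the function names and the 16 MB cap are assumptions made for the example.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical 12-byte per-glyph record (constructed for this example). */
typedef struct {
    int16_t left, right, width, ascent, descent;
    uint16_t attributes;
} glyph_metric;

/* Assumed policy limit on one table; a real loader would also compare the
 * count against the bytes actually remaining in the font file. */
#define MAX_TABLE_BYTES (16u * 1024u * 1024u)

/* Unchecked pattern: the product is truncated to 32 bits, so a large
 * count read from the file yields a tiny allocation size. */
uint32_t unchecked_table_size(uint32_t count)
{
    return (uint32_t)(count * (uint32_t)sizeof(glyph_metric));
}

/* Checked pattern: divide instead of multiply, so nothing can wrap.
 * Returns 0 and stores the size on success, -1 if the count is rejected. */
int checked_table_size(uint32_t count, uint32_t *size_out)
{
    if (count == 0 || count > MAX_TABLE_BYTES / sizeof(glyph_metric))
        return -1;
    *size_out = count * (uint32_t)sizeof(glyph_metric);
    return 0;
}

/* Allocate the table only when the size calculation is known to be exact. */
glyph_metric *alloc_metrics(uint32_t count)
{
    uint32_t size;
    if (checked_table_size(count, &size) != 0)
        return NULL;
    return malloc(size);
}

int main(void)
{
    uint32_t count = 0x15555556u; /* constructed: 0x15555556 * 12 = 2^32 + 8 */
    glyph_metric *m = alloc_metrics(count);
    int rejected = (m == NULL);
    free(m);
    return (rejected && unchecked_table_size(count) == 8) ? 0 : 1;
}
```

With the constructed count, the unchecked calculation yields 8 bytes for a table the loader believes holds hundreds of millions of records, which is how a wrapped multiplication becomes a heap overflow.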

This issue is described in the following documents:

Avoidance: Patch, Workaround
State: Resolved
First released: 14-Nov-2006
