NVD脆弱性詳細

CVE-2007-1351

概要	Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
公表日	2007年4月6日10:19
登録日	2021年1月29日14:08
最終更新日	2018年10月17日1:38

CVSS2.0 : HIGH
スコア	8.5
ベクター	AV:N/AC:M/Au:S/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	単一
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
全ての特権を取得	はい
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::amd64:::::
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::i386:::::
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::powerpc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::sparc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::amd64:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::i386:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::powerpc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::sparc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::amd64:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::i386:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::powerpc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::sparc:::::

構成2	以上	以下	より上	未満
cpe:2.3:a:x.org:libxfont:1.2.2:::::::*
cpe:2.3:a:xfree86_project:x11r6:4.3.0:::::::*
cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:::::::*
cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:::::::*

構成3		以上	以下	より上	未満
cpe:2.3:o:rpath:rpath_linux:1:::::::*

構成4	以上	以下	より上	未満
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:4.0::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:4.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:4.0::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:5.0::desktop:::::
cpe:2.3:o:redhat:enterprise_linux:5.0::desktop_workstation:::::
cpe:2.3:o:redhat:enterprise_linux:5.0::server:::::
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1::ia64:::::
cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium:::::

構成5	以上	以下	より上	未満
cpe:2.3:o:openbsd:openbsd:3.9:::::::*
cpe:2.3:o:openbsd:openbsd:4.0:::::::*

構成6		以上	以下	より上	未満
cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:::::::*

関連情報、対策とツール

No	URL	refsource	タグ
1	http://issues.foresightlinux.org/browse/FL-223	CONFIRM
2	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501	IDEFENSE	Patch
3	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html	APPLE
4	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	APPLE
5	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html	MLIST
6	http://rhn.redhat.com/errata/RHSA-2007-0125.html	REDHAT
7	http://secunia.com/advisories/24741	SECUNIA	Vendor Advisory
8	http://secunia.com/advisories/24745	SECUNIA
9	http://secunia.com/advisories/24756	SECUNIA
10	http://secunia.com/advisories/24758	SECUNIA
11	http://secunia.com/advisories/24765	SECUNIA
12	http://secunia.com/advisories/24768	SECUNIA
13	http://secunia.com/advisories/24770	SECUNIA	Vendor Advisory
14	http://secunia.com/advisories/24771	SECUNIA
15	http://secunia.com/advisories/24772	SECUNIA
16	http://secunia.com/advisories/24776	SECUNIA
17	http://secunia.com/advisories/24791	SECUNIA
18	http://secunia.com/advisories/24885	SECUNIA
19	http://secunia.com/advisories/24889	SECUNIA
20	http://secunia.com/advisories/24921	SECUNIA
21	http://secunia.com/advisories/24996	SECUNIA
22	http://secunia.com/advisories/25004	SECUNIA
23	http://secunia.com/advisories/25006	SECUNIA
24	http://secunia.com/advisories/25096	SECUNIA
25	http://secunia.com/advisories/25195	SECUNIA
26	http://secunia.com/advisories/25216	SECUNIA
27	http://secunia.com/advisories/25305	SECUNIA
28	http://secunia.com/advisories/25495	SECUNIA
29	http://secunia.com/advisories/28333	SECUNIA
30	http://secunia.com/advisories/30161	SECUNIA
31	http://secunia.com/advisories/33937	SECUNIA
32	http://security.gentoo.org/glsa/glsa-200705-02.xml	GENTOO
33	http://security.gentoo.org/glsa/glsa-200705-10.xml	GENTOO
34	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733	SLACKWARE
35	http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954	CONFIRM
36	http://sourceforge.net/project/shownotes.php?release_id=498954	CONFIRM
37	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1	SUNALERT
38	http://support.apple.com/kb/HT3438	CONFIRM
39	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm	CONFIRM
40	http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm	CONFIRM
41	http://www.debian.org/security/2007/dsa-1294	DEBIAN
42	http://www.debian.org/security/2008/dsa-1454	DEBIAN
43	http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml	GENTOO
44	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079	MANDRIVA
45	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080	MANDRIVA
46	http://www.mandriva.com/security/advisories?name=MDKSA-2007:081	MANDRIVA
47	http://www.novell.com/linux/security/advisories/2007_27_x.html	SUSE
48	http://www.novell.com/linux/security/advisories/2007_6_sr.html	SUSE
49	http://www.openbsd.org/errata39.html#021_xorg	OPENBSD
50	http://www.openbsd.org/errata40.html#011_xorg	OPENBSD
51	http://www.redhat.com/support/errata/RHSA-2007-0126.html	REDHAT
52	http://www.redhat.com/support/errata/RHSA-2007-0132.html	REDHAT
53	http://www.redhat.com/support/errata/RHSA-2007-0150.html	REDHAT
54	http://www.securityfocus.com/archive/1/464686/100/0/threaded	BUGTRAQ
55	http://www.securityfocus.com/archive/1/464816/100/0/threaded	BUGTRAQ
56	http://www.securityfocus.com/bid/23283	BID	Patch
57	http://www.securityfocus.com/bid/23300	BID
58	http://www.securityfocus.com/bid/23402	BID
59	http://www.securitytracker.com/id?1017857	SECTRACK
60	http://www.trustix.org/errata/2007/0013/	TRUSTIX
61	http://www.ubuntu.com/usn/usn-448-1	UBUNTU
62	http://www.vupen.com/english/advisories/2007/1217	VUPEN
63	http://www.vupen.com/english/advisories/2007/1264	VUPEN
64	http://www.vupen.com/english/advisories/2007/1548	VUPEN
65	https://exchange.xforce.ibmcloud.com/vulnerabilities/33417	XF
66	https://issues.rpath.com/browse/RPL-1213	CONFIRM
67	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266	OVAL
68	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810	OVAL

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-189	数値処理の問題	https://cwe.mitre.org/data/definitions/189.html

構成1	以上	以下	より上	未満
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::amd64:::::
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::i386:::::
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::powerpc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:5.10::sparc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::amd64:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::i386:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::powerpc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts::sparc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::amd64:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::i386:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::powerpc:::::
cpe:2.3:o:ubuntu:ubuntu_linux:6.10::sparc:::::

構成4	以上	以下	より上	未満
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:4.0::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:4.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:4.0::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:5.0::desktop:::::
cpe:2.3:o:redhat:enterprise_linux:5.0::desktop_workstation:::::
cpe:2.3:o:redhat:enterprise_linux:5.0::server:::::
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1::ia64:::::
cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium:::::