CVE-2007-1351

N/A Unknown
Published: April 06, 2007 Modified: April 23, 2026
View on NVD

Description

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://issues.foresightlinux.org/browse/FL-223
Source: secalert@redhat.com
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
Source: secalert@redhat.com
Patch
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
Source: secalert@redhat.com
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Source: secalert@redhat.com
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2007-0125.html
Source: secalert@redhat.com
http://secunia.com/advisories/24741
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24745
Source: secalert@redhat.com
http://secunia.com/advisories/24756
Source: secalert@redhat.com
http://secunia.com/advisories/24758
Source: secalert@redhat.com
http://secunia.com/advisories/24765
Source: secalert@redhat.com
http://secunia.com/advisories/24768
Source: secalert@redhat.com
http://secunia.com/advisories/24770
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24771
Source: secalert@redhat.com
http://secunia.com/advisories/24772
Source: secalert@redhat.com
http://secunia.com/advisories/24776
Source: secalert@redhat.com
http://secunia.com/advisories/24791
Source: secalert@redhat.com
http://secunia.com/advisories/24885
Source: secalert@redhat.com
http://secunia.com/advisories/24889
Source: secalert@redhat.com
http://secunia.com/advisories/24921
Source: secalert@redhat.com
http://secunia.com/advisories/24996
Source: secalert@redhat.com
http://secunia.com/advisories/25004
Source: secalert@redhat.com
http://secunia.com/advisories/25006
Source: secalert@redhat.com
http://secunia.com/advisories/25096
Source: secalert@redhat.com
http://secunia.com/advisories/25195
Source: secalert@redhat.com
http://secunia.com/advisories/25216
Source: secalert@redhat.com
http://secunia.com/advisories/25305
Source: secalert@redhat.com
http://secunia.com/advisories/25495
Source: secalert@redhat.com
http://secunia.com/advisories/28333
Source: secalert@redhat.com
http://secunia.com/advisories/30161
Source: secalert@redhat.com
http://secunia.com/advisories/33937
Source: secalert@redhat.com
http://security.gentoo.org/glsa/glsa-200705-02.xml
Source: secalert@redhat.com
http://security.gentoo.org/glsa/glsa-200705-10.xml
Source: secalert@redhat.com
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733
Source: secalert@redhat.com
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
Source: secalert@redhat.com
http://sourceforge.net/project/shownotes.php?release_id=498954
Source: secalert@redhat.com
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
Source: secalert@redhat.com
http://support.apple.com/kb/HT3438
Source: secalert@redhat.com
http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
Source: secalert@redhat.com
http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
Source: secalert@redhat.com
http://www.debian.org/security/2007/dsa-1294
Source: secalert@redhat.com
http://www.debian.org/security/2008/dsa-1454
Source: secalert@redhat.com
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2007:081
Source: secalert@redhat.com
http://www.novell.com/linux/security/advisories/2007_27_x.html
Source: secalert@redhat.com
http://www.novell.com/linux/security/advisories/2007_6_sr.html
Source: secalert@redhat.com
http://www.openbsd.org/errata39.html#021_xorg
Source: secalert@redhat.com
http://www.openbsd.org/errata40.html#011_xorg
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0126.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0132.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0150.html
Source: secalert@redhat.com
http://www.securityfocus.com/archive/1/464686/100/0/threaded
Source: secalert@redhat.com
http://www.securityfocus.com/archive/1/464816/100/0/threaded
Source: secalert@redhat.com
http://www.securityfocus.com/bid/23283
Source: secalert@redhat.com
Patch
http://www.securityfocus.com/bid/23300
Source: secalert@redhat.com
http://www.securityfocus.com/bid/23402
Source: secalert@redhat.com
http://www.securitytracker.com/id?1017857
Source: secalert@redhat.com
http://www.trustix.org/errata/2007/0013/
Source: secalert@redhat.com
http://www.ubuntu.com/usn/usn-448-1
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2007/1217
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2007/1264
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2007/1548
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
Source: secalert@redhat.com
https://issues.rpath.com/browse/RPL-1213
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810
Source: secalert@redhat.com
http://issues.foresightlinux.org/browse/FL-223
Source: af854a3a-2127-422b-91ae-364da2661108
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2007-0125.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24741
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/24745
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24756
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24758
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24765
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24768
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24770
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/24771
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24772
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24776
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24791
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24885
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24889
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24921
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24996
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25004
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25006
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25096
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25195
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25216
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25305
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25495
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/28333
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30161
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33937
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200705-02.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200705-10.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733
Source: af854a3a-2127-422b-91ae-364da2661108
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
Source: af854a3a-2127-422b-91ae-364da2661108
http://sourceforge.net/project/shownotes.php?release_id=498954
Source: af854a3a-2127-422b-91ae-364da2661108
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3438
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2007/dsa-1294
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2008/dsa-1454
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2007:081
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.novell.com/linux/security/advisories/2007_27_x.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.novell.com/linux/security/advisories/2007_6_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openbsd.org/errata39.html#021_xorg
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openbsd.org/errata40.html#011_xorg
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0126.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0132.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0150.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/464686/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/464816/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/23283
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/23300
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/23402
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1017857
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.trustix.org/errata/2007/0013/
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-448-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1217
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1264
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1548
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
Source: af854a3a-2127-422b-91ae-364da2661108
https://issues.rpath.com/browse/RPL-1213
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810
Source: af854a3a-2127-422b-91ae-364da2661108

136 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.8%
92th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-189

Affected Vendors

rpath ubuntu xfree86_project x.org mandrakesoft openbsd redhat

Related CVEs

CVE-2026-8696 7.5
CVE-2026-45672 8.8
CVE-2026-45402 8.1
CVE-2026-45401 8.5
CVE-2026-45400 8.5