CVE-2004-0083
XFree86 4.3 - Font Information File Buffer Overflow
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
Desbordamiento de búfer en ReadFontAlias de XFree86 4.1.0 a 4.3.0 permite a usuarios locales y atacantes remotos ejecutar código arbitrario mediante un fichero de aliases de fuentes (font.alias) con un token largo, una vulnerabilidad distinta de CAN-2004-0084 y CAN-2004-0106.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-01-19 CVE Reserved
- 2004-02-14 CVE Published
- 2004-11-10 First Exploit
- 2024-07-25 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (24)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/23682 | 2004-11-10 | |
http://www.securityfocus.com/bid/9636 | 2024-08-08 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.1.0 Search vendor "Xfree86 Project" for product "X11r6" and version "4.1.0" | - |
Affected
| ||||||
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.1.11 Search vendor "Xfree86 Project" for product "X11r6" and version "4.1.11" | - |
Affected
| ||||||
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.1.12 Search vendor "Xfree86 Project" for product "X11r6" and version "4.1.12" | - |
Affected
| ||||||
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.2.0 Search vendor "Xfree86 Project" for product "X11r6" and version "4.2.0" | - |
Affected
| ||||||
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.2.1 Search vendor "Xfree86 Project" for product "X11r6" and version "4.2.1" | - |
Affected
| ||||||
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.2.1 Search vendor "Xfree86 Project" for product "X11r6" and version "4.2.1" | errata |
Affected
| ||||||
Xfree86 Project Search vendor "Xfree86 Project" | X11r6 Search vendor "Xfree86 Project" for product "X11r6" | 4.3.0 Search vendor "Xfree86 Project" for product "X11r6" and version "4.3.0" | - |
Affected
| ||||||
Openbsd Search vendor "Openbsd" | Openbsd Search vendor "Openbsd" for product "Openbsd" | 3.3 Search vendor "Openbsd" for product "Openbsd" and version "3.3" | - |
Affected
| ||||||
Openbsd Search vendor "Openbsd" | Openbsd Search vendor "Openbsd" for product "Openbsd" | 3.4 Search vendor "Openbsd" for product "Openbsd" and version "3.4" | - |
Affected
|