LibXfont, monolithic X.org: Multiple integer overflows Some buffer overflows were discovered in the CID font parser, potentially resulting in the execution of arbitrary code with elevated privileges. libxfont September 13, 2006 September 13, 2006: 01 145513 local and remote 1.2.1 1.2.1 7.0 7.0

libXfont is the X.Org Xfont library, some parts are based on the FreeType code base.

Several integer overflows have been found in the CID font parser.

A remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the execution of arbitrary code with the permissions of the user running the X server which typically is the root user. A local user could exploit this vulnerability to gain elevated privileges.

Disable CID-encoded Type 1 fonts by removing the "type1" module and replacing it with the "freetype" module in xorg.conf.

All libXfont users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.1"

All monolithic X.org users are advised to migrate to modular X.org.

CVE-2006-3739 CVE-2006-3740 frilled jaervosz jaervosz