CVE-2004-0083

Published: Mar 3, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.

Affected (9)

Products: Xfree86 Project: X11r6 · Openbsd: Openbsd

Xfree86 Project

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Xfree86 Project X11r6	Version 4.1.0
Xfree86 Project X11r6	Version 4.1.11
Xfree86 Project X11r6	Version 4.1.12
Xfree86 Project X11r6	Version 4.2.0
Xfree86 Project X11r6	Version 4.2.1
Xfree86 Project X11r6	Version 4.2.1
Xfree86 Project X11r6	Version 4.3.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Openbsd Openbsd	Version 3.3
Openbsd Openbsd	Version 3.4

References (42)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107644835523678&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107653324115914&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110979666528890&w=2

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200402-02.xml

Source: cve@mitre.org

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-443

Source: cve@mitre.org

http://www.idefense.com/application/poi/display?id=72

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/820006

Source: cve@mitre.org

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:012

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2004_06_xf86.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-059.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-060.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-061.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/9636

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053

Source: cve@mitre.org

http://www.xfree86.org/cvs/changes

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15130

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A806

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A830

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9612

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=107644835523678&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=107653324115914&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=110979666528890&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200402-02.xml

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2004/dsa-443

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.idefense.com/application/poi/display?id=72

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/820006

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:012

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2004_06_xf86.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-059.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-060.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-061.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/9636

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.xfree86.org/cvs/changes

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15130

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A806

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A830

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9612

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.