CVE-2001-0955 - Denial of Service vulnerability in XFree86 Project X11R6 4.0/4.0.1/4.0.3
- Attack vector: LOCAL
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: COMPLETE
- Integrity impact: COMPLETE
- Availability impact: COMPLETE

Summary
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 3 |
References
- http://cvsweb.xfree86.org/cvsweb/xc/programs/Xserver/fb/fbglyph.c
- http://marc.info/?l=bugtraq&m=100776624224549&w=2
- http://marc.info/?l=bugtraq&m=100784290015880&w=2
- http://marc.info/?l=vuln-dev&m=100118958310463&w=2
- http://www.securityfocus.com/bid/3657
- http://www.securityfocus.com/bid/3663
- http://www.xfree86.org/4.2.0/RELNOTES2.html#2
- http://www.xfree86.org/security/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7673
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7683