Oval Definition:oval:com.ubuntu.xenial:def:2017137200000000
Revision Date:2017-10-11Version:1
Title:CVE-2017-13720 on Ubuntu 16.04 LTS (xenial) - low.
Description:In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-13720
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • libxfont package in xenial was vulnerable but has been fixed (note: '1:1.5.1-1ubuntu0.16.04.3').
  • OR libxfont2 package in xenial was vulnerable but has been fixed (note: '1:2.0.1-3~ubuntu16.04.2').
  • BACK