| Vulnerability Name: | CVE-2004-0106 (CCN-15206) | ||||||||||||||||||||||||||||
| Assigned: | 2004-02-13 | ||||||||||||||||||||||||||||
| Published: | 2004-02-13 | ||||||||||||||||||||||||||||
| Updated: | 2017-10-11 | ||||||||||||||||||||||||||||
| Summary: | Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | ||||||||||||||||||||||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||||||
| References: | Source: CCN Type: SCO Security Advisory SCOSA-2004.3 Xsco contains a buffer overflow that could be exploited to gain root privileges Source: CCN Type: SCO Security Advisory SCOSA-2004.2 Xsco contains a buffer overflow that could be exploited to gain root privileges Source: MITRE Type: CNA CVE-2004-0106 Source: CONECTIVA Type: UNKNOWN CLA-2004:821 Source: CCN Type: Conectiva Linux Security Announcement CLSA-2004:821 XFree86 Source: FEDORA Type: UNKNOWN FLSA:2314 Source: CCN Type: RHSA-2004-059 Updated XFree86 packages fix privilege escalation vulnerability Source: CCN Type: RHSA-2004-060 XFree86 security update Source: CCN Type: RHSA-2004-061 XFree86 security update Source: CCN Type: CIAC Information Bulletin O-081 Red Hat Updated XFree86 Packages Fix Privilege Escalation Vulnerability Source: DEBIAN Type: UNKNOWN DSA-443 Source: DEBIAN Type: DSA-443 xfree86 -- several vulnerabilities Source: CCN Type: Immunix Secured OS Security Advisory IMNX-2004-73-002-01 XFree86 Source: MANDRAKE Type: UNKNOWN MDKSA-2004:012 Source: SUSE Type: UNKNOWN SuSE-SA:2004:006 Source: REDHAT Type: UNKNOWN RHSA-2004:059 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2004:060 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2004:061 Source: CCN Type: BID-9636 XFree86 Font Information File Buffer Overflow Vulnerability Source: CCN Type: BID-9655 XFree86 Unspecified Fontfile Buffer Overrun Vulnerability Source: SLACKWARE Type: Patch, Vendor Advisory SSA:2004-043 Source: CCN Type: slackware-security Mailing List, Thu, 12 Feb 2004 12:19:25 -0800 (PST) XFree86 security update (SSA:2004-043-02) Source: CCN Type: TLSA-2004-5 Font file buffer overlows Source: XF Type: UNKNOWN xfree86-multiple-font-improper-handling(15206) Source: XF Type: UNKNOWN xfree86-multiple-font-improper-handling(15206) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11111 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:809 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:832 Source: CCN Type: IBM Security Advisory, Wed Feb 18 10:55:22 CST 2004 A buffer overflow that exists in the X server can be exploited to gain root privileges Source: SUSE Type: SUSE-SA:2004:006 xf86/XFree86: local privilege escalation | ||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||