CVE-2013-6462

Public on 2014-01-09
Modified on 2014-09-16
Description
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.
Severity
Important severity
Important
CVSS v3 Base Score
6.9
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 libXfont 2014-02-03 ALAS-2014-282 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C
NVD CVSSv2 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C