CVE-2003-0730

NONE EPSS 91.7%
Published Oct 20, 2003 22y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.

Threat Intelligence

EPSS Exploit Probability
91.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

Vendor            Product   Version   Range
xfree86_project   x11r6     4.2.1     any
xfree86_project   x11r6     4.3.0     any
netbsd            netbsd    1.5       any
netbsd            netbsd    1.5.1     any
netbsd            netbsd    1.5.2     any
netbsd            netbsd    1.5.3     any
netbsd            netbsd    1.6       any
netbsd            netbsd    1.6.1     any

References 16

  • ftp.netbsd.org ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc
  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821
  • marc.info http://marc.info/?l=bugtraq&m=106229335312429&w=2
  • secunia.com http://secunia.com/advisories/24168
  • secunia.com http://secunia.com/advisories/24247
  • sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1
  • support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm
  • debian.org http://www.debian.org/security/2003/dsa-380
    Patch, Vendor Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2003:089
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-286.html
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-287.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-288.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-289.html
  • securityfocus.com http://www.securityfocus.com/bid/8514
    Patch, Vendor Advisory
  • vupen.com http://www.vupen.com/english/advisories/2007/0589

Remediation

  • debian.org http://www.debian.org/security/2003/dsa-380
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-286.html
    Patch, Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/8514
    Patch, Vendor Advisory