CVE-2006-3739

NONE EPSS 43.3%
Published Sep 13, 2006 (19y ago) · Modified Jun 16, 2026 (2w ago)

Description

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.

Threat Intelligence

EPSS Exploit Probability
43.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

Vendor            Product      Version   Range
x.org             x.org        6.8.2     any
xfree86_project   xfree86_x    *         any

References 39

Remediation

  • idefense.com http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0665.html
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0666.html
    Patch, Vendor Advisory