CVE-2006-3740

NONE EPSS 39.3%
Published Sep 13, 2006 19y ago
Last Modified Jun 16, 2026 2w ago

Description

Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.

Threat Intelligence

EPSS Exploit Probability
39.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

Vendor            Product      Version   Range
x.org             x.org        6.8.2     any
xfree86_project   xfree86_x    *         any

References 39

Remediation

  • idefense.com http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0665.html
    Patch, Vendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0666.html
    Patch, Vendor Advisory