CVE-2013-6462

NONE EPSS 95.1%
Published Jan 9, 2014 (12y ago) · Last Modified Jun 17, 2026 (2w ago)

Description

Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.

Threat Intelligence

EPSS Exploit Probability
95.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer · Memory Safety

Affected Products 23

Vendor  Product   Version  Range
x       libxfont  1.1.0    any
x       libxfont  1.2.0    any
x       libxfont  1.2.1    any
x       libxfont  1.2.2    any
x       libxfont  1.2.3    any
x       libxfont  1.2.4    any
x       libxfont  1.2.5    any
x       libxfont  1.2.6    any
x       libxfont  1.2.7    any
x       libxfont  1.2.8    any
x       libxfont  1.2.9    any
x       libxfont  1.3.0    any
x       libxfont  1.3.1    any
x       libxfont  1.3.2    any
x       libxfont  1.3.3    any
x       libxfont  1.3.4    any
x       libxfont  1.4.0    any
x       libxfont  1.4.1    any
x       libxfont  1.4.2    any
x       libxfont  1.4.3    any
x       libxfont  1.4.4    any
x       libxfont  1.4.5    any
x       libxfont  1.4.6    any

References 16

Remediation

  • cgit.freedesktop.org http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
    Exploit · Patch