VULHUB ™

iDEFENSE Security Advisory 02.10.04: Exploitation of a buffer overflow in the XFree86 X Window System allows local attackers to gain root privileges. The problem specifically exists in the parsing of the font.alias file. The X server, which runs as root, fails to check the length of user provided input. A malicious user may craft a malformed font.alias file causing a buffer overflow upon parsing, eventually leading to the execution of arbitrary code.

iDEFENSE Security Advisory 02.10.04: Exploitation of a buffer overflow in the XFree86 X Window System allows local attackers to gain root privileges. The problem specifically exists in the parsing of the font.alias file. The X server, which runs as root, fails to check the length of user provided input. A malicious user may craft a malformed font.alias file causing a buffer overflow upon parsing, eventually leading to the execution of arbitrary code.