PT-2006-1071 · X.Org+1 · Libxfont+2

Published 2006-09-12 · Updated 2018-10-17 · CVE-2006-3740

CVSS v2.0: 7.2 (High) · Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: X.Org version 6.8.2; libXfont versions prior to 1.2.1
Description: The issue is an integer overflow in the scan_cidfont function, which local users can exploit to execute arbitrary code via crafted font data, including modified item counts in specific sections of the font data. Additionally, multiple vulnerabilities in the libXfont package can lead to breaches of the confidentiality, integrity, and availability of protected information; these can be exploited locally.
Recommendations: For X.Org version 6.8.2, update to a version that fixes the integer overflow in the scan_cidfont function. For libXfont versions prior to 1.2.1, update to version 1.2.1 or later to address the multiple vulnerabilities.

Fix

Related identifiers

BDU:2015-09527
CVE-2006-3740
DSA-1193-1
RHSA-2006:0665
RHSA-2006:0666
RHSA-2006_0665

Affected products

Red Hat
X.Org
Libxfont