PT-2007-7521 · Freetype+4 · Freetype+5
Greg Macmanus
·
Published
1970-01-01
·
Updated
2024-06-15
·
CVE-2007-1351
CVSS v2.0
8.5
High
| Vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
openSUSE versions (affected versions not specified)
SUSE Linux Enterprise versions (affected versions not specified)
X.Org libXfont versions prior to 20070403
freetype versions prior to 2.3.2
Gentoo Linux freetype versions prior to 2.1.10-r3
Description
The issue involves multiple vulnerabilities in various packages of openSUSE and SUSE Linux Enterprise operating systems, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, an integer overflow in the bdfReadCharacters function in bdfread.c in X.Org libXfont before 20070403 and freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, resulting in a heap overflow.
Recommendations
For openSUSE and SUSE Linux Enterprise, update the affected packages to the latest versions.
For X.Org libXfont, update to version 20070403 or later.
For freetype, update to version 2.3.2 or later.
For Gentoo Linux freetype, update to version 2.1.10-r3 or later.
As a temporary workaround, consider restricting access to the vulnerable packages until a patch is available.
Avoid using the bdfReadCharacters function in the affected X.Org libXfont and freetype versions until the issue is resolved.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Gentoo Linux
Red Hat
SUSE Linux Enterprise
X.Org libXfont
Freetype
openSUSE