CVE-2003-0730

Name of the Vulnerable Software and Affected Versions XFree86-4.3.0 XFree86-4.2.1 XFree86-4.1.0 XFree86-base-fonts versions 4.3.0 through 4.1.0 XFree86-ISO8859-9-75dpi-fonts versions 4.3.0 through 4.1.0 XFree86-ISO8859-15-100dpi-fonts versions 4.3.0 through 4.1.0 XFree86-100dpi-fonts versions 4.3.0 through 4.1.0 XFree86-75dpi-fonts versions 4.3.0 through 4.1.0 XFree86-devel versions 4.3.0 through 4.1.0 XFree86-doc versions 4.3.0 through 4.1.0 XFree86-libs versions 4.3.0 through 4.1.0 XFree86-Mesa-libGL versions 4.3.0 through 4.1.0 XFree86-Mesa-libGLU versions 4.3.0 through 4.1.0 XFree86-sdk versions 4.3.0 XFree86-tools versions 4.3.0 through 4.1.0 XFree86-twm versions 4.3.0 through 4.1.0 XFree86-xauth versions 4.3.0 through 4.1.0 XFree86-xdm versions 4.3.0 through 4.1.0 XFree86-Xnest versions 4.3.0 through 4.1.0 XFree86-xfs versions 4.3.0 through 4.1.0 XFree86-Xvfb versions 4.3.0 through 4.1.0 XFree86-font-utils versions 4.3.0 through 4.1.0 XFree86-truetype-fonts versions 4.3.0 through 4.1.0 XFree86-cyrillic-fonts versions 4.3.0 through 4.1.0 XFree86-ISO8859-2-75dpi-fonts versions 4.3.0 through 4.1.0 XFree86-ISO8859-2-100dpi-fonts versions 4.3.0 through 4.1.0 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-ISO8859-14-100dpi-fonts version 4.3.0 XFree86-ISO8859-15-75dpi-fonts versions 4.3.0 through 4.1.0

Description The issue affects the XFree86 package in Red Hat Linux, allowing remote attackers to compromise confidentiality, integrity, and availability of protected information. The vulnerability can be exploited through multiple integer overflows in the font libraries, leading to a denial of service or the execution of arbitrary code via heap-based and stack-based buffer overflow attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.