PT-2007-7524 · X.Org+2 · X.Org Libxfont+3
Greg Macmanus · Published 1970-01-01 · Updated 2018-10-16 · CVE-2007-1352
CVSS v2.0: 9.3 High
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
openSUSE versions (affected versions not specified)
SUSE Linux Enterprise versions (affected versions not specified)
X.Org libXfont versions prior to 20070403
Description
The issue involves multiple vulnerabilities in various packages of openSUSE and SUSE Linux Enterprise operating systems, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, an integer overflow in the FontFileInitTable function in X.Org libXfont allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, resulting in a heap overflow.
Recommendations
For openSUSE, update to a version that includes the fix for the vulnerabilities.
For SUSE Linux Enterprise, update to a version that includes the fix for the vulnerabilities.
For X.Org libXfont, update to version 20070403 or later.
As a temporary workaround, consider restricting access to the vulnerable packages until a patch is available.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat
Suse Linux Enterprise
X.Org Libxfont
Opensuse