CVE-2006-3740

NameCVE-2006-3740
DescriptionInteger overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1193-1
NVD severityhigh (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libxfont (PTS)wheezy1:1.4.5-5fixed
wheezy (security)1:1.4.5-5+deb7u1fixed
jessie1:1.5.1-1fixed
jessie (security)1:1.5.1-1+deb8u1fixed
stretch1:2.0.1-3fixed
stretch (security)1:2.0.1-3+deb9u1fixed
buster, sid1:2.0.1-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libxfontsource(unstable)1:1.2.2-1high
xfree86sourcesarge4.3.0.dfsg.1-14sarge2highDSA-1193-1

Search for package or bug name: Reporting problems