CVE-2007-1351

Name	CVE-2007-1351
Description	Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References	DSA-1294-1, DSA-1454-1
NVD severity	high (attack range: remote)
Debian Bugs	426771

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
freetype (PTS)	jessie	2.5.2-3+deb8u2	fixed
	jessie (security)	2.5.2-3+deb8u4	fixed
	stretch	2.6.3-3.2	fixed
	buster	2.9.1-3	fixed
	bullseye, sid	2.9.1-4	fixed
libxfont (PTS)	jessie (security), jessie	1:1.5.1-1+deb8u1	fixed
	stretch (security), stretch	1:2.0.1-3+deb9u1	fixed
	bullseye, sid, buster	1:2.0.3-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
freetype	source	(unstable)	2.3.5-1	medium		426771
freetype	source	etch	2.2.1-5+etch2	high	DSA-1454-1
libxfont	source	(unstable)	1:1.2.2-2	medium
xfree86	source	sarge	4.3.0.dfsg.1-14sarge4	high	DSA-1294-1