CentOS Update For LibXfont CESA-2014:0018 Centos6 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2013-6462) Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.

Affected

libXfont on CentOS 6

References

http://lists.centos.org/pipermail/centos-announce/2014-January/020104.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6462

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CentOS Security Advisory CESA-2009:1134 (seamonkey)
CentOS Security Advisory CESA-2009:1219 (libvorbis)
CentOS Security Advisory CESA-2009:0257 (seamonkey)
CentOS Security Advisory CESA-2009:0019-01 (hanterm-xf)
CentOS Security Advisory CESA-2009:1059 (pidgin)

CentOS Update for libXfont CESA-2014:0018 centos6

Take action and discover your vulnerabilities