X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability

Bugtraq ID: 49124
Class: Boundary Condition Error
CVE: CVE-2011-2895
Remote: No
Local: Yes
Published: Aug 11 2011 12:00AM
Updated: Jan 12 2016 02:01AM
Credit: <br>Tomas Hoger
Vulnerable: X.org LibXfont 1.3.1
X.org LibXfont 1.2.2
X.org LibXfont 1.2.1
X.org LibXfont 1.2
X.org LibXfont 1.4.3
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server 10 SP4
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise SDK 10 SP4
SuSE SUSE Linux Enterprise Desktop 10 SP4
+ Linux kernel 2.6.5
SuSE openSUSE 11.4
SuSE openSUSE 11.3
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux EUS 5.6.z server
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
OpenBSD OpenBSD 2.9
OpenBSD OpenBSD 2.8
OpenBSD OpenBSD 2.7
OpenBSD OpenBSD 2.6
OpenBSD OpenBSD 2.5
OpenBSD OpenBSD 2.4
OpenBSD OpenBSD 2.3
OpenBSD OpenBSD 2.2
OpenBSD OpenBSD 2.1
OpenBSD OpenBSD 2.0
OpenBSD OpenBSD 3.7
OpenBSD OpenBSD 3.6
OpenBSD OpenBSD 3.5
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD 3.3
NetBSD NetBSD 1.5 x86
NetBSD NetBSD 1.5 sh3
NetBSD NetBSD 1.5
NetBSD NetBSD 5.1
NetBSD NetBSD 5.0 RC3
NetBSD NetBSD 5.0
NetBSD NetBSD 4.0 BETA2
NetBSD NetBSD 4.0
NetBSD NetBSD 4,0_Beta
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
FreeBSD Freebsd 8.2
FreeBSD Freebsd 8.1
FreeBSD Freebsd 7.4
FreeBSD Freebsd 7.3
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Avaya Proactive Contact 4.1.2
Avaya Proactive Contact 4.1.1
Avaya Proactive Contact 4.2.2
Avaya Proactive Contact 4.2.1
Avaya Proactive Contact 4.2
Avaya Proactive Contact 4.1
Avaya Proactive Contact 4.0.1
Avaya Proactive Contact 4.0
Avaya Messaging Storage Server 5.2.8
Avaya Messaging Storage Server 5.2.2
Avaya Messaging Storage Server 5.2 SP3
Avaya Messaging Storage Server 5.2 SP2
Avaya Messaging Storage Server 5.2 SP1
Avaya Messaging Storage Server 5.2
Avaya Messaging Storage Server 5.1 SP2
Avaya Messaging Storage Server 5.1 SP1
Avaya Messaging Storage Server 5.1
Avaya Messaging Storage Server 5.0
Avaya Messaging Storage Server 4.0
Avaya Message Networking 5.2.1
Avaya Message Networking 5.2.3
Avaya Message Networking 5.2.2
Avaya Message Networking 5.2 SP1
Avaya Message Networking 5.2
Avaya Message Networking 3.1
Avaya IQ 4.1
Avaya IQ 4.2
Avaya IQ 4.0
Avaya 96x1 IP Deskphone 6
Apple Mac OS X Server 10.6.6
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.2
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X Server 10.6.8
Apple Mac Os X Server 10.6.7
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Apple Mac OS X 10.6
Apple iOS 4.2.1
Apple iOS 4.0.2
Apple iOS 4.0.1
Apple iOS 3.2.2
Apple iOS 3.2.1
Apple iOS 5.1.1
Apple iOS 5.1
Apple iOS 5.0.1
Apple iOS 5
Apple iOS 4.3.5
Apple iOS 4.3.4
Apple iOS 4.3.3
Apple iOS 4.3.2
Apple iOS 4.3.1
Apple iOS 4.3
Apple iOS 4.2.9
Apple iOS 4.2.8
Apple iOS 4.2.7
Apple iOS 4.2.6
Apple iOS 4.2.5
Apple iOS 4.2.10
Apple iOS 4.2
Apple iOS 4.1
Apple iOS 4
Apple iOS 3.2
Apple iOS 3.1
Apple iOS 3.0
Apple iOS 2.1
Apple iOS 2.0
Not Vulnerable: X.org LibXfont 1.4.4
NetBSD Netbsd 5.1.1
NetBSD Netbsd 5.0.3
NetBSD NetBSD Current
Avaya Message Networking 5.2.4
Apple Mac Os X Server 10.7.4
Apple Mac Os X Server 10.7.3
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3


 

Privacy Statement
Copyright 2010, SecurityFocus