XFree86 XLOCALEDIR Local Buffer Overflow Vulnerability

XFree86 XLOCALEDIR Local Buffer Overflow Vulnerability

Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable.

A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.