Уязвимость CVE-2011-2895: Информация

Описание

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

Важность: CRITICAL (9,3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2011-2895

Опубликовано: 19 августа 2011 г.

Изменено: 29 августа 2017 г.

Идентификатор типа ошибки: CWE-119

Ссылки на рекомендации, решения и инструменты

Ссылка	Ресурс
USN-1191-1
[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption	Patch
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0	Patch
https://bugzilla.redhat.com/show_bug.cgi?id=725760	Patch
RHSA-2011:1155	Vendor Advisory
45568	Vendor Advisory
[oss-security] 20110810 LZW decompression issues
1025920
DSA-2293
45544	Vendor Advisory
RHSA-2011:1154	Vendor Advisory
49124
45599	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=727624
[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4	Patch
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
RHSA-2011:1161	Vendor Advisory
45986
SUSE-SU-2011:1035
46127
NetBSD-SA2011-007
MDVSA-2011:153
openSUSE-SU-2011:1299
RHSA-2011:1834
APPLE-SA-2012-02-01-1
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
APPLE-SA-2012-05-09-1
48951
https://support.apple.com/HT205635
APPLE-SA-2015-12-08-3
https://support.apple.com/HT205637
APPLE-SA-2015-12-08-4
APPLE-SA-2015-12-08-1
https://support.apple.com/HT205641
APPLE-SA-2015-12-08-2
https://support.apple.com/HT205640
xorg-lzw-bo(69141)

Подверженные конфигурации:
1. Конфигурация 1
  cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
  cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*
  cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*
  End including
  1.4.3
  cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*
  cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
  cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
  End including
  3.7
  cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*
  cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*

Версия: v24.4.2

Наверх

Уязвимость CVE-2011-2895: Информация

Описание

Ссылки на рекомендации, решения и инструменты

Конфигурация 1