aboutsummaryrefslogtreecommitdiff
path: root/nxcompext
diff options
context:
space:
mode:
authorMike DePaulo <mikedep333@gmail.com>2015-02-08 22:08:09 -0500
committerMike Gabriel <mike.gabriel@das-netzwerkteam.de>2015-02-14 16:14:31 +0100
commitc6aebf9284855a0e24ad9c5ffdd36aa65e16bec7 (patch)
tree9a5c047718ac543a246622a476e75da5d013e176 /nxcompext
parent2d724c1a0416895dd39bf33678f42cbb4c51b1ae (diff)
downloadnx-libs-c6aebf9284855a0e24ad9c5ffdd36aa65e16bec7.tar.gz
nx-libs-c6aebf9284855a0e24ad9c5ffdd36aa65e16bec7.tar.bz2
nx-libs-c6aebf9284855a0e24ad9c5ffdd36aa65e16bec7.zip
CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/lib/libXfont commit 491291cabf78efdeec8f18b09e14726a9030cc8f
fs_read_query_info() parses a reply from the font server. The reply contains embedded length fields, none of which are validated. This can cause out of bound reads in either fs_read_query_info() or in _fs_convert_props() which it calls to parse the fsPropInfo in the reply.
Diffstat (limited to 'nxcompext')
0 files changed, 0 insertions, 0 deletions