Reported to Red Hat by XFree86 on 2004Feb03 via iDefense. A malicious user may craft a malformed 'font.alias' file causing a buffer overflow upon parsing, which could lead to execution of arbitrary code as root on the server. Embargoed. No date for public notification set; CVE applied for. Patch available. Last update was RHSA-2003:289. Will be backported to 4.1.0. Errata in progress.
CAN-2004-0083, embargo lifts on Feb11
Subsequently, iDefense found another issue in the same routine with the same consequences which has been given CVE name CAN-2004-0083. Additionally David Dawes discovered additional flaws in reading font files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0106 to these issues.
>Subsequently, iDefense found another issue in the same routine with >the same consequences which has been given CVE name CAN-2004-0083. That's a typo, the second issue is CAN-2004-0084.
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-060.html