Home > Vulnerability Database > CVE-2011-2895

Mend.io Vulnerability Database

CVE-2011-2895

Date: August 19, 2011

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

Language: C

Severity Score

8.1

Related Resources (41)

Url: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html

Url: http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0

Url: https://support.apple.com/HT205640

Url: http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html

Url: https://access.redhat.com/security/cve/CVE-2011-2895

Url: http://www.redhat.com/support/errata/RHSA-2011-1155.html

Url: http://www.redhat.com/support/errata/RHSA-2011-1834.html

Url: https://support.apple.com/HT205641

Url: http://support.apple.com/kb/HT5130

Url: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html

Url: http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html

Url: http://www.ubuntu.com/usn/USN-1191-1

Url: http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:153

Url: http://www.debian.org/security/2011/dsa-2293

Url: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

Url: http://secunia.com/advisories/45986

Url: http://secunia.com/advisories/45568

Url: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc

Url: http://secunia.com/advisories/48951

Url: http://www.redhat.com/support/errata/RHSA-2011-1154.html

Url: http://secunia.com/advisories/45544

Url: http://securitytracker.com/id?1025920

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/69141

Url: http://support.apple.com/kb/HT5281

Url: http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html

Url: https://bugzilla.redhat.com/show_bug.cgi?id=727624

Url: http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html

Url: https://bugzilla.redhat.com/show_bug.cgi?id=725760

Url: http://www.redhat.com/support/errata/RHSA-2011-1161.html

Url: http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html

Url: https://support.apple.com/HT205637

Url: https://support.apple.com/HT205635

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-2895

Url: http://www.openwall.com/lists/oss-security/2011/08/10/10

Url: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17

Url: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html

Url: http://www.securityfocus.com/bid/49124

Url: http://secunia.com/advisories/45599

Url: http://secunia.com/advisories/46127

Url: https://www.mend.io/vulnerability-database/CVE-2011-2895

Severity Score

8.1

Weakness Type (CWE)

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-119

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2011-2895

Date: August 19, 2011

Language: C

Severity Score

Related Resources (41)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?