CVE-2016-7943: libX11: Insufficient validation of server responses in FontNames

Severity: Critical

CVSS Score: 9.8

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.