Security Hole in Solaris

Sun warns about a remote code execution vulnerability in Sun Solaris.

A flaw in the X Font Server exposes Solaris to a remote code execution attack. The way Solaris implements the X Font Server (xfs), which is used to handle font rendering on X11 (X Window System), makes this flaw possible.

On his blog - http://blogs.sun.com/alanc/entry/x_font_server_xfs_security - Alan Coopersmith, a member of the X Window System engineering team at Sun, insists that "the recently announced X font server vulnerabilities not only affect Solaris, but are exposed to the network by default in some Solaris installs." He adds that "it's only older installs that are vulnerable by default - Solaris versions up through Solaris 10 6/06 run xfs by default from inetd listening to the network. Solaris 10 11/06 and later Solaris 10 releases ask you at install time if you want your network services to default to being open or closed. Solaris Nevada/Express just closes them all by default and requires you to turn back on the ones you want."

Sun developers are working on an official alert and patches. Meanwhile, Alan Coopersmith recommends that users who don't need the X font server turn it off until a patch comes out.
