CVSS2: 9.3 High (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Metric | Value |
---|---|
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |

EPSS: 0.513 Medium (Percentile: 97.5%)
FreeType 2 contains a vulnerability in the processing of CFF fonts, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
FreeType is a font engine that can open and process font files. FreeType 2 includes the ability to handle a number of font types, including Compact Font Format (CFF). FreeType is used by a number of applications, including PDF readers, web browsers, and other applications. FreeType 2 contains a flaw in the handling of some CFF opcodes, which can result in stack corruption. This can allow arbitrary code execution.
This vulnerability is being used in the iPhone PDF JailBreak exploit.
By causing an application that uses FreeType to parse a specially-crafted CFF font, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. This can occur as the result of opening a PDF document or viewing a web page.
Apply an update
This vulnerability is fixed in the FreeType source tree. Please check with your vendor for an update.
275247
Notified: August 04, 2010 Updated: August 11, 2010
Affected
We have not received a statement from the vendor.
This issue is addressed in iOS 4.0.2 and iOS 3.2.2.
We have confirmed that Safari 3.x on Windows is vulnerable, as it uses FreeType. Newer versions are not affected.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23275247 Feedback>).
Notified: August 10, 2010 Updated: August 11, 2010
Statement Date: August 11, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 10, 2010 Updated: August 11, 2010
Statement Date: August 10, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
BIG-IP includes FreeType 2.2.1, however it is not allowed to generate graphs from arbitrary font files or documents. Therefore it is not vulnerable to remote attack.
Notified: August 06, 2010 Updated: August 06, 2010
Statement Date: August 06, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Foxit Software has released version 4.1.1.0805 to address this vulnerability. More information can be found at:
<http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#iphone>
Notified: August 10, 2010 Updated: August 11, 2010
Statement Date: August 10, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Updated: August 05, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 10, 2010 Updated: September 10, 2010
Statement Date: September 08, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 10, 2010 Updated: August 11, 2010
Statement Date: August 11, 2010
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: September 10, 2010 Updated: September 14, 2010
Statement Date: September 14, 2010
Not Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 10, 2010 Updated: August 23, 2010
Statement Date: August 19, 2010
Not Affected
Juniper Networks products are not susceptible to this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 10, 2010 Updated: August 23, 2010
Statement Date: August 13, 2010
Not Affected
We’re not shipping FreeType 2 in any product.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 10, 2010 Updated: August 10, 2010
Unknown
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
This vulnerability was discovered being exploited in the wild. Additional analysis was performed by Braden Thomas of Apple Product Security.
This document was written by Will Dormann.
CVE IDs: | CVE-2010-1797 |
---|---|
Severity Metric: | 13.39 |
Date Public: | |
secunia.com/advisories/40816
securitytracker.com/alerts/2010/Aug/1024283.html
support.apple.com/kb/HT4291
support.apple.com/kb/HT4292
www.f-secure.com/weblog/archives/00002002.html
www.foxitsoftware.com/pdf/reader/security_bulletins.php#iphone
www.securityfocus.com/bid/42241
rhn.redhat.com/errata/RHSA-2010-0607.html