Lucene search

K
cve[email protected]CVE-2006-3467
HistoryJul 21, 2006 - 2:03 p.m.

CVE-2006-3467

2006-07-2114:03:00
CWE-189
web.nvd.nist.gov
43
freetype
integer overflow
denial of service
arbitrary code execution
pcf file
cve-2006-3467

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.168 Low

EPSS

Percentile

95.9%

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

CPENameOperatorVersion
freetype:freetypefreetypele2.1

References

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.168 Low

EPSS

Percentile

95.9%