Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-1797
HistoryAug 16, 2010 - 6:39 p.m.

CVE-2010-1797

2010-08-1618:39:00
CWE-119
[email protected]
web.nvd.nist.gov
61
cve
buffer overflow
freetype
cff
ios
pdf
jailbreakme

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.513 Medium

EPSS

Percentile

97.5%

JSON

Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.

References

Related

openvas 24
exploitpack 1
packetstorm 1
seebug 2
centos 1
cert 1
nessus 21
redhat 2
oraclelinux 1
securityvulns 3
veracode 1
prion 3
debiancve 2
ubuntucve 2
exploitdb 1
cve 2
threatpost 1
ubuntu 1
debian 2
osv 1
fedora 4
gentoo 1
suse 1
openvas
openvas
CentOS Update for freetype CESA-2010:0607 centos3 i386
2010-08-20 00:00:00
RedHat Update for freetype RHSA-2010:0607-02
2010-08-06 00:00:00
Mandriva Update for freetype2 MDVSA-2010:149 (freetype2)
2010-08-13 00:00:00
exploitpack
exploitpack
Foxit Reader 4.0 - .pdf Multiple Stack Based Buffer Overflow Jailbreak
2010-08-24 00:00:00
packetstorm
packetstorm
Foxit Reader 4.0 PDF Jailbreak
2010-08-26 00:00:00
seebug
seebug
Foxit Reader <= 4.0 pdf Jailbreak Exploit
2010-08-25 00:00:00
Foxit Reader <= 4.0 pdf Jailbreak Exploit
2014-07-01 00:00:00
centos
centos
freetype security update
2010-08-06 11:36:59
cert
cert
FreeType 2 CFF font stack corruption vulnerability
2010-08-05 00:00:00
nessus
nessus
Oracle Linux 3 / 4 / 5 : freetype (ELSA-2010-0607)
2013-07-12 00:00:00
CentOS 3 / 4 / 5 : freetype (CESA-2010:0607)
2010-08-09 00:00:00
Foxit Reader < 4.1.1.0805 FreeType CFF Opcodes RCE
2010-08-09 00:00:00
redhat
redhat
(RHSA-2010:0607) Important: freetype security update
2010-08-05 00:00:00
(RHSA-2010:0622) Important: rhev-hypervisor security and bug fix update
2010-08-19 00:00:00
oraclelinux
oraclelinux
freetype security update
2010-08-05 00:00:00
securityvulns
securityvulns
[CORE-2010-0825] Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch
2010-11-10 00:00:00
[USN-972-1] FreeType vulnerabilities
2010-08-19 00:00:00
freetype library multiple security vulnerabilities
2011-11-27 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:47:01
prion
prion
Stack overflow
2010-08-16 18:39:00
Integer overflow
2011-01-07 23:00:00
Design/Logic Flaw
2010-08-05 18:17:00
debiancve
debiancve
CVE-2010-1797
2010-08-16 18:39:00
CVE-2010-3311
2011-01-07 23:00:00
ubuntucve
ubuntucve
CVE-2010-1797
2010-08-12 00:00:00
CVE-2010-3311
2010-09-28 00:00:00
exploitdb
exploitdb
Foxit Reader 4.0 - &#039;.pdf&#039; Multiple Stack Based Buffer Overflow &#039;Jailbreak&#039;
2010-08-24 00:00:00
cve
cve
CVE-2010-3311
2011-01-07 23:00:00
CVE-2010-2972
2010-08-05 18:17:00
threatpost
threatpost
Apple Zaps JailbreakMe Bugs in Record Time
2010-08-11 19:43:56
ubuntu
ubuntu
FreeType vulnerabilities
2010-08-17 00:00:00
debian
debian
[SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
2010-09-07 20:39:32
[SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
2010-09-07 20:39:32
osv
osv
freetype - several vulnerabilities
2010-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: freetype-2.3.11-6.fc13
2010-10-19 07:23:19
[SECURITY] Fedora 12 Update: freetype-2.3.11-6.fc12
2010-11-01 20:53:44
[SECURITY] Fedora 12 Update: freetype-2.3.11-7.fc12
2010-11-21 21:56:42
gentoo
gentoo
FreeType: Multiple vulnerabilities
2012-01-23 00:00:00
suse
suse
Security update for freetype2 (important)
2012-04-23 18:08:18

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.513 Medium

EPSS

Percentile

97.5%

JSON
Related for CVE-2010-1797
openvas24exploitpack1packetstorm1seebug2centos1cert1nessus21redhat2oraclelinux1securityvulns3veracode1prion3debiancve2ubuntucve2exploitdb1cve2threatpost1ubuntu1debian2osv1fedora4gentoo1suse1