8.6 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.243 Low
EPSS
Percentile
96.5%
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
secunia.com/advisories/42314
secunia.com/advisories/42317
secunia.com/advisories/48951
support.apple.com/kb/HT4435
support.apple.com/kb/HT4456
support.apple.com/kb/HT4457
www.vupen.com/english/advisories/2010/3045
www.vupen.com/english/advisories/2010/3046
bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019