A NULL pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format (BDF) fonts.
A remote attacker could provide a specially crafted BDF font file, which once processed in an application linked against FreeType would lead to that application crash (CVE-2012-5668).
An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash (CVE-2012-5669).
An out-of heap-based buffer write flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially crafted font file, which once opened in an application linked against FreeType would lead to that application crash, or, potentially, arbitrary code execution with the privileges of the user running the application (CVE-2012-5670).
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2013:039.
# The text itself is copyright (C) Mandriva S.A.
#
include("compat.inc");
if (description)
{
script_id(66053);
script_version("$Revision: 1.6 $");
script_cvs_date("$Date: 2014/08/20 15:05:36 $");
script_cve_id("CVE-2012-5668", "CVE-2012-5669", "CVE-2012-5670");
script_bugtraq_id(57041);
script_xref(name:"MDVSA", value:"2013:039");
script_xref(name:"MGASA", value:"2012-0369");
script_name(english:"Mandriva Linux Security Advisory : freetype2 (MDVSA-2013:039)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated freetype2 packages fixes security vulnerabilities :
A NULL pointer de-reference flaw was found in the way Freetype font
rendering engine handled Glyph bitmap distribution format (BDF) fonts.
A remote attacker could provide a specially crafted BDF font file,
which once processed in an application linked against FreeType would
lead to that application crash (CVE-2012-5668).
An out-of heap-based buffer read flaw was found in the way FreeType
font rendering engine performed parsing of glyph information and
relevant bitmaps for glyph bitmap distribution format (BDF). A remote
attacker could provide a specially crafted BDF font file, which once
opened in an application linked against FreeType would lead to that
application crash (CVE-2012-5669).
An out-of heap-based buffer write flaw was found in the way FreeType
font rendering engine performed parsing of glyph information and
relevant bitmaps for glyph bitmap distribution format (BDF). A remote
attacker could provide a specially crafted font file, which once
opened in an application linked against FreeType would lead to that
application crash, or, potentially, arbitrary code execution with the
privileges of the user running the application (CVE-2012-5670)."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:freetype2-demos");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64freetype6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64freetype6-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64freetype6-static-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
script_set_attribute(attribute:"patch_publication_date", value:"2013/04/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/20");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"freetype2-demos-2.4.9-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64freetype6-2.4.9-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64freetype6-devel-2.4.9-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64freetype6-static-devel-2.4.9-2.1.mbs1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "MANDRIVA_MDVSA-2013-039.NASL", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : freetype2 (MDVSA-2013:039)", "description": "Updated freetype2 packages fixes security vulnerabilities :\n\nA NULL pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format (BDF) fonts.\nA remote attacker could provide a specially crafted BDF font file, which once processed in an application linked against FreeType would lead to that application crash (CVE-2012-5668).\n\nAn out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash (CVE-2012-5669).\n\nAn out-of heap-based buffer write flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially crafted font file, which once opened in an application linked against FreeType would lead to that application crash, or, potentially, arbitrary code execution with the privileges of the user running the application (CVE-2012-5670).", "published": "2013-04-20T00:00:00", "modified": "2014-08-20T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=66053", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "type": "nessus", "lastseen": "2017-10-29T13:34:37", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Updated freetype2 packages fixes security vulnerabilities :\n\nA NULL pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format (BDF) fonts.\nA remote attacker could provide a specially crafted BDF font file, which once processed in an application linked against FreeType would lead to that application crash (CVE-2012-5668).\n\nAn out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash (CVE-2012-5669).\n\nAn out-of heap-based buffer write flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially crafted font file, which once opened in an application linked against FreeType would lead to that application crash, or, potentially, arbitrary code execution with the privileges of the user running the application (CVE-2012-5670).", "edition": 1, "enchantments": {}, "hash": "80951f24061214027684cb6674fafa2773ed0352170d1b1fed63b9da8607f47f", "hashmap": [{"hash": "72bd37631099303d7950c100cbeb09b8", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "56764ae2b7830c5ad15c6446c19a247a", "key": "description"}, {"hash": "7f11b990e692d8bc6cd16c0eb5466e64", "key": "modified"}, {"hash": "b94f7a9d9658386805df04d967dc1a59", "key": "cvelist"}, {"hash": "3873c836ae45fd496c2b40bae50467ed", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8277f4b5ed0321254b5e6e09ca4d3fd2", "key": "pluginID"}, {"hash": "62ac00828af2e0f19424992deefe9163", "key": "title"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "e6be430702806057a08796665266c884", "key": "sourceData"}, {"hash": "634d1af54c551c354e3204db0cbbc77a", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=66053", "id": "MANDRIVA_MDVSA-2013-039.NASL", "lastseen": "2016-09-26T17:23:34", "modified": "2014-08-20T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.2", "pluginID": "66053", "published": "2013-04-20T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:039. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66053);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2014/08/20 15:05:36 $\");\n\n script_cve_id(\"CVE-2012-5668\", \"CVE-2012-5669\", \"CVE-2012-5670\");\n script_bugtraq_id(57041);\n script_xref(name:\"MDVSA\", value:\"2013:039\");\n script_xref(name:\"MGASA\", value:\"2012-0369\");\n\n script_name(english:\"Mandriva Linux Security Advisory : freetype2 (MDVSA-2013:039)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated freetype2 packages fixes security vulnerabilities :\n\nA NULL pointer de-reference flaw was found in the way Freetype font\nrendering engine handled Glyph bitmap distribution format (BDF) fonts.\nA remote attacker could provide a specially crafted BDF font file,\nwhich once processed in an application linked against FreeType would\nlead to that application crash (CVE-2012-5668).\n\nAn out-of heap-based buffer read flaw was found in the way FreeType\nfont rendering engine performed parsing of glyph information and\nrelevant bitmaps for glyph bitmap distribution format (BDF). A remote\nattacker could provide a specially crafted BDF font file, which once\nopened in an application linked against FreeType would lead to that\napplication crash (CVE-2012-5669).\n\nAn out-of heap-based buffer write flaw was found in the way FreeType\nfont rendering engine performed parsing of glyph information and\nrelevant bitmaps for glyph bitmap distribution format (BDF). A remote\nattacker could provide a specially crafted font file, which once\nopened in an application linked against FreeType would lead to that\napplication crash, or, potentially, arbitrary code execution with the\nprivileges of the user running the application (CVE-2012-5670).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:freetype2-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64freetype6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64freetype6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64freetype6-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"freetype2-demos-2.4.9-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64freetype6-2.4.9-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64freetype6-devel-2.4.9-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64freetype6-static-devel-2.4.9-2.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : freetype2 (MDVSA-2013:039)", "type": "nessus", "viewCount": 1}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:34"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "603733efd45d186c54d63908ab1d323f"}, {"key": "cvelist", "hash": "b94f7a9d9658386805df04d967dc1a59"}, {"key": "cvss", "hash": "3873c836ae45fd496c2b40bae50467ed"}, {"key": "description", "hash": "56764ae2b7830c5ad15c6446c19a247a"}, {"key": "href", "hash": "72bd37631099303d7950c100cbeb09b8"}, {"key": "modified", "hash": "7f11b990e692d8bc6cd16c0eb5466e64"}, {"key": "naslFamily", "hash": "526837706681051344a466f9e51ac982"}, {"key": "pluginID", "hash": "8277f4b5ed0321254b5e6e09ca4d3fd2"}, {"key": "published", "hash": "634d1af54c551c354e3204db0cbbc77a"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "e6be430702806057a08796665266c884"}, {"key": "title", "hash": "62ac00828af2e0f19424992deefe9163"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "1c066778a2cefe49d9365ad2f4d5e71ca04e76a0afe240e52fc3be855ce0a521", "viewCount": 1, "enchantments": {"vulnersScore": 6.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:039. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66053);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2014/08/20 15:05:36 $\");\n\n script_cve_id(\"CVE-2012-5668\", \"CVE-2012-5669\", \"CVE-2012-5670\");\n script_bugtraq_id(57041);\n script_xref(name:\"MDVSA\", value:\"2013:039\");\n script_xref(name:\"MGASA\", value:\"2012-0369\");\n\n script_name(english:\"Mandriva Linux Security Advisory : freetype2 (MDVSA-2013:039)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated freetype2 packages fixes security vulnerabilities :\n\nA NULL pointer de-reference flaw was found in the way Freetype font\nrendering engine handled Glyph bitmap distribution format (BDF) fonts.\nA remote attacker could provide a specially crafted BDF font file,\nwhich once processed in an application linked against FreeType would\nlead to that application crash (CVE-2012-5668).\n\nAn out-of heap-based buffer read flaw was found in the way FreeType\nfont rendering engine performed parsing of glyph information and\nrelevant bitmaps for glyph bitmap distribution format (BDF). A remote\nattacker could provide a specially crafted BDF font file, which once\nopened in an application linked against FreeType would lead to that\napplication crash (CVE-2012-5669).\n\nAn out-of heap-based buffer write flaw was found in the way FreeType\nfont rendering engine performed parsing of glyph information and\nrelevant bitmaps for glyph bitmap distribution format (BDF). A remote\nattacker could provide a specially crafted font file, which once\nopened in an application linked against FreeType would lead to that\napplication crash, or, potentially, arbitrary code execution with the\nprivileges of the user running the application (CVE-2012-5670).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:freetype2-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64freetype6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64freetype6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64freetype6-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"freetype2-demos-2.4.9-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64freetype6-2.4.9-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64freetype6-devel-2.4.9-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64freetype6-static-devel-2.4.9-2.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "66053", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:lib64freetype6", "p-cpe:/a:mandriva:linux:lib64freetype6-static-devel", "p-cpe:/a:mandriva:linux:freetype2-demos", "p-cpe:/a:mandriva:linux:lib64freetype6-devel"]}
{"result": {"cve": [{"id": "CVE-2012-5670", "type": "cve", "title": "CVE-2012-5670", "description": "The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.", "published": "2013-01-24T16:55:01", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5670", "cvelist": ["CVE-2012-5670"], "lastseen": "2017-04-18T15:53:34"}, {"id": "CVE-2012-5669", "type": "cve", "title": "CVE-2012-5669", "description": "The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.", "published": "2013-01-24T16:55:01", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5669", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-04-18T15:53:34"}, {"id": "CVE-2012-5668", "type": "cve", "title": "CVE-2012-5668", "description": "FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an \"allocation error\" in the bdf_free_font function.", "published": "2013-01-24T16:55:01", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5668", "cvelist": ["CVE-2012-5668"], "lastseen": "2017-04-18T15:53:34"}], "slackware": [{"id": "SSA-2013-015-01", "type": "slackware", "title": "freetype", "description": "New freetype packages are available for Slackware 12.1, 12.2, 13.0, 13.1,\n13.37, 14.0, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/freetype-2.4.11-i486-1_slack14.0.txz: Upgraded.\n This release fixes several security bugs that could cause freetype to\n crash or run programs upon opening a specially crafted file.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/freetype-2.4.11-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/freetype-2.4.11-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/freetype-2.4.11-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/freetype-2.4.11-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/freetype-2.4.11-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/freetype-2.4.11-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/freetype-2.4.11-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/freetype-2.4.11-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/freetype-2.4.11-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/freetype-2.4.11-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/freetype-2.4.11-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/freetype-2.4.11-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 package:\n4d5295c13a8a4499d0adf3999b3de868 freetype-2.4.11-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nfd6d0cb912feb28ca1e4ef5afaf4e374 freetype-2.4.11-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n2d36e3d0feabecf05377265bba7fb212 freetype-2.4.11-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n396fbce466003efe9943b727c3fc8781 freetype-2.4.11-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n9e3a839ad4e10824f5e3c4d4ab929787 freetype-2.4.11-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ne4f445a443e2c35349f2862c69ac094e freetype-2.4.11-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n9eae4d85099556bd0cf83b2421e751cd freetype-2.4.11-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n0480a082207c0cd323c3937ac36e043a freetype-2.4.11-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n5a105c177d2efc56ad13cac3a4e8da10 freetype-2.4.11-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ne07e161d4b9018cc8b8d5cbb98c8b2c5 freetype-2.4.11-x86_64-1_slack14.0.txz\n\nSlackware -current package:\n10fa0b771447a25afe289f0e5f4785f6 l/freetype-2.4.11-i486-1.txz\n\nSlackware x86_64 -current package:\nd560da3a4928881d89d19ccdafd94e25 l/freetype-2.4.11-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg freetype-2.4.11-i486-1_slack14.0.txz", "published": "2013-01-15T20:21:38", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2018-02-02T18:11:35"}], "ubuntu": [{"id": "USN-1686-1", "type": "ubuntu", "title": "FreeType vulnerabilities", "description": "Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.", "published": "2013-01-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/1686-1/", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2018-03-29T18:19:24"}], "openvas": [{"id": "OPENVAS:841275", "type": "openvas", "title": "Ubuntu Update for freetype USN-1686-1", "description": "Check for the Version of freetype", "published": "2013-01-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841275", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2018-02-05T11:11:05"}, {"id": "OPENVAS:1361412562310841275", "type": "openvas", "title": "Ubuntu Update for freetype USN-1686-1", "description": "Check for the Version of freetype", "published": "2013-01-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841275", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2018-04-06T11:22:43"}, {"id": "OPENVAS:1361412562310121147", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201402-16", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201402-16", "published": "2015-09-29T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121147", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2018-04-09T11:28:38"}, {"id": "OPENVAS:881584", "type": "openvas", "title": "CentOS Update for freetype CESA-2013:0216 centos5 ", "description": "Check for the Version of freetype", "published": "2013-02-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881584", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-07-25T10:52:12"}, {"id": "OPENVAS:1361412562310881589", "type": "openvas", "title": "CentOS Update for freetype CESA-2013:0216 centos6 ", "description": "Check for the Version of freetype", "published": "2013-02-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881589", "cvelist": ["CVE-2012-5669"], "lastseen": "2018-04-06T11:22:30"}, {"id": "OPENVAS:865327", "type": "openvas", "title": "Fedora Update for freetype FEDORA-2013-1492", "description": "Check for the Version of freetype", "published": "2013-02-08T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=865327", "cvelist": ["CVE-2012-5669"], "lastseen": "2018-02-05T11:11:17"}, {"id": "OPENVAS:1361412562310865357", "type": "openvas", "title": "Fedora Update for freetype FEDORA-2013-1466", "description": "Check for the Version of freetype", "published": "2013-02-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865357", "cvelist": ["CVE-2012-5669"], "lastseen": "2018-04-06T11:22:55"}, {"id": "OPENVAS:1361412562310881584", "type": "openvas", "title": "CentOS Update for freetype CESA-2013:0216 centos5 ", "description": "Check for the Version of freetype", "published": "2013-02-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881584", "cvelist": ["CVE-2012-5669"], "lastseen": "2018-04-09T11:24:47"}, {"id": "OPENVAS:881589", "type": "openvas", "title": "CentOS Update for freetype CESA-2013:0216 centos6 ", "description": "Check for the Version of freetype", "published": "2013-02-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881589", "cvelist": ["CVE-2012-5669"], "lastseen": "2018-01-19T15:09:15"}, {"id": "OPENVAS:1361412562310120232", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2013-150", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120232", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-07-24T12:51:55"}], "nessus": [{"id": "GENTOO_GLSA-201402-16.NASL", "type": "nessus", "title": "GLSA-201402-16 : FreeType: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201402-16 (FreeType: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted font, possibly resulting in execution of arbitrary code with the privileges of the user running the application, or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "published": "2014-02-12T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72453", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2017-10-29T13:37:19"}, {"id": "OPENSUSE-2013-44.NASL", "type": "nessus", "title": "openSUSE Security Update : freetype2 (openSUSE-SU-2013:0165-1)", "description": "- BNC#795826, CVE-2012-5668.patch [bdf] Fix Savannah bug #37905.\n\n - src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero in case of allocation error; this value gets used in a loop in\n\n - BNC#795826, CVE-2012-5669.patch [bdf] Fix Savannah bug #37906.\n\n - src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size for checking `glyph_enc'.\n\n - BNC#795826, CVE-2012-5670.patch [bdf] Fix Savannah bug #37907.\n\n - src/bdf/bdflib.c (_bdf_parse_glyphs) <ENCODING>:\n Normalize negative second parameter of `ENCODING' field also.", "published": "2014-06-13T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75015", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2017-10-29T13:38:19"}, {"id": "UBUNTU_USN-1686-1.NASL", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : freetype vulnerabilities (USN-1686-1)", "description": "Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-01-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63536", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2017-10-29T13:39:21"}, {"id": "SOLARIS11_FREETYPE_20140415.NASL", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : freetype (multiple_buffer_errors_vulnerabilities_in)", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an 'allocation error' in the bdf_free_font function. (CVE-2012-5668)\n\n - The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.\n (CVE-2012-5669)\n\n - The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value. (CVE-2012-5670)", "published": "2015-01-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80614", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2017-10-29T13:33:51"}, {"id": "SLACKWARE_SSA_2013-015-01.NASL", "type": "nessus", "title": "Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : freetype (SSA:2013-015-01)", "description": "New freetype packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.", "published": "2013-01-16T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63555", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2017-10-29T13:46:02"}, {"id": "REDHAT-RHSA-2013-0216.NASL", "type": "nessus", "title": "RHEL 5 / 6 : freetype (RHSA-2013:0216)", "description": "Updated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nFreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently.\n\nA flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5669)\n\nUsers are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The X server must be restarted (log out, then log back in) for this update to take effect.", "published": "2013-02-01T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=64390", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-10-29T13:45:00"}, {"id": "FEDORA_2013-1466.NASL", "type": "nessus", "title": "Fedora 17 : freetype-2.4.8-4.fc17 (2013-1466)", "description": "This update fixes CVE-2012-5669.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-02-13T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=64593", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-10-29T13:35:39"}, {"id": "ORACLELINUX_ELSA-2013-0216.NASL", "type": "nessus", "title": "Oracle Linux 5 / 6 : freetype (ELSA-2013-0216)", "description": "From Red Hat Security Advisory 2013:0216 :\n\nUpdated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nFreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently.\n\nA flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5669)\n\nUsers are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The X server must be restarted (log out, then log back in) for this update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68720", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-10-29T13:38:59"}, {"id": "SL_20130131_FREETYPE_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : freetype on SL5.x, SL6.x i386/x86_64", "description": "A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5669)\n\nThe X server must be restarted (log out, then log back in) for this update to take effect.", "published": "2013-02-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=64424", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-10-29T13:39:44"}, {"id": "CENTOS_RHSA-2013-0216.NASL", "type": "nessus", "title": "CentOS 5 / 6 : freetype (CESA-2013:0216)", "description": "Updated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nFreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently.\n\nA flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5669)\n\nUsers are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The X server must be restarted (log out, then log back in) for this update to take effect.", "published": "2013-02-01T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=64383", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-10-29T13:35:18"}], "gentoo": [{"id": "GLSA-201402-16", "type": "gentoo", "title": "FreeType: Multiple vulnerabilities", "description": "### Background\n\nFreeType is a high-quality and portable font engine.\n\n### Description\n\nMultiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted font, possibly resulting in execution of arbitrary code with the privileges of the user running the application, or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Freetype users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/freetype-2.4.11\"\n \n\nPackages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying these packages.", "published": "2014-02-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201402-16", "cvelist": ["CVE-2012-5670", "CVE-2012-5669", "CVE-2012-5668"], "lastseen": "2016-09-06T19:47:00"}], "f5": [{"id": "SOL15095307", "type": "f5", "title": "SOL15095307 - BDF parsing vulnerability CVE-2012-5669", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n", "published": "2016-02-01T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/15/sol15095307.html", "cvelist": ["CVE-2012-5669"], "lastseen": "2016-09-26T17:23:16"}, {"id": "F5:K15095307", "type": "f5", "title": "BDF parsing vulnerability CVE-2012-5669", "description": "\nF5 Product Development has assigned ID 384002, ID 570430 (BIG-IP), ID 570513 (Enterprise Manager), and ID 513595 (ARX) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 \n11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 12.1.0 \n11.5.0 - 11.6.0 \n11.2.1 HF16 | Low | FreeType \nBIG-IP AAM | 12.0.0 \n11.4.0 - 11.4.1 | 12.1.0 \n11.5.0 - 11.6.0 | Low | FreeType \nBIG-IP AFM | 12.0.0 \n11.3.0 - 11.4.1 | 12.1.0 \n11.5.0 - 11.6.0 | Low | FreeType \nBIG-IP Analytics | 12.0.0 \n11.0.0 - 11.4.1 | 12.1.0 \n11.5.0 - 11.6.0 \n11.2.1 HF16 | Low | FreeType \nBIG-IP APM | 12.0.0 \n11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 12.1.0 \n11.5.0 - 11.6.0 \n11.2.1 HF16 | Low | FreeType \nBIG-IP ASM | 12.0.0 \n11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 12.1.0 \n11.5.0 - 11.6.0 \n11.2.1 HF16 | Low | FreeType \nBIG-IP DNS | 12.0.0 | 12.1.0 | Low | FreeType \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | Low | FreeType \nBIG-IP GTM | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 11.5.0 - 11.6.0 \n11.2.1 HF16 | Low | FreeType \nBIG-IP Link Controller | 12.0.0 \n11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 12.1.0 \n11.5.0 - 11.6.0 \n11.2.1 HF16 | Low | FreeType \nBIG-IP PEM | 12.0.0 \n11.3.0 - 11.4.1 | 12.1.0 \n11.5.0 - 11.6.0 | Low | FreeType \nBIG-IP PSM | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | Low | FreeType \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | Low | FreeType \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.2.1 HF16 | Low | FreeType \nARX | 6.0.0 - 6.4.0 | None | Low | FreeType \nEnterprise Manager | 3.0.0 - 3.1.1 | None | Low | FreeType \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "published": "2016-02-02T09:42:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K15095307", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-11-07T20:34:07"}], "amazon": [{"id": "ALAS-2013-150", "type": "amazon", "title": "Important: freetype", "description": "**Issue Overview:**\n\nA flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. ([CVE-2012-5669 __](<https://access.redhat.com/security/cve/CVE-2012-5669>))\n\n \n**Affected Packages:** \n\n\nfreetype\n\n \n**Issue Correction:** \nRun _yum update freetype_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n freetype-devel-2.3.11-14.13.amzn1.i686 \n freetype-debuginfo-2.3.11-14.13.amzn1.i686 \n freetype-2.3.11-14.13.amzn1.i686 \n freetype-demos-2.3.11-14.13.amzn1.i686 \n \n src: \n freetype-2.3.11-14.13.amzn1.src \n \n x86_64: \n freetype-devel-2.3.11-14.13.amzn1.x86_64 \n freetype-2.3.11-14.13.amzn1.x86_64 \n freetype-demos-2.3.11-14.13.amzn1.x86_64 \n freetype-debuginfo-2.3.11-14.13.amzn1.x86_64 \n \n \n", "published": "2013-02-03T12:34:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2013-150.html", "cvelist": ["CVE-2012-5669"], "lastseen": "2016-09-28T21:03:58"}], "redhat": [{"id": "RHSA-2013:0216", "type": "redhat", "title": "(RHSA-2013:0216) Important: freetype security update", "description": "FreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently.\n\nA flaw was found in the way the FreeType font rendering engine processed\ncertain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a\nspecially-crafted font file with an application linked against FreeType, it\ncould cause the application to crash or, possibly, execute arbitrary code\nwith the privileges of the user running the application. (CVE-2012-5669)\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue. The X server must be restarted (log\nout, then log back in) for this update to take effect.\n", "published": "2013-01-31T05:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2013:0216", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-11-24T14:07:06"}], "centos": [{"id": "CESA-2013:0216", "type": "centos", "title": "freetype security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:0216\n\n\nFreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently.\n\nA flaw was found in the way the FreeType font rendering engine processed\ncertain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a\nspecially-crafted font file with an application linked against FreeType, it\ncould cause the application to crash or, possibly, execute arbitrary code\nwith the privileges of the user running the application. (CVE-2012-5669)\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue. The X server must be restarted (log\nout, then log back in) for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019224.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-January/019217.html\n\n**Affected packages:**\nfreetype\nfreetype-demos\nfreetype-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0216.html", "published": "2013-01-31T21:55:44", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-January/019217.html", "cvelist": ["CVE-2012-5669"], "lastseen": "2017-11-13T10:43:37"}], "oraclelinux": [{"id": "ELSA-2013-0216", "type": "oraclelinux", "title": "freetype security update", "description": "[2.3.11-14.el6_3.1]\n- Fix CVE-2012-5669\n (Use correct array size for checking 'glyph_enc')\n- Resolves: #903542\n[2.3.11-14]\n- A little change in configure part\n- Related: #723468\n[2.3.11-13]\n- Fix CVE-2012-{1126, 1127, 1130, 1131, 1132, 1134, 1136,\n 1137, 1139, 1140, 1141, 1142, 1143, 1144}\n- Properly initialize array 'result' in\n FT_Outline_Get_Orientation()\n- Check bytes per row for overflow in _bdf_parse_glyphs()\n- Resolves: #806269\n[2.3.11-12]\n- Add freetype-2.3.11-CVE-2011-3439.patch\n (Various loading fixes.)\n- Resolves: #754012\n[2.3.11-11]\n- Add freetype-2.3.11-CVE-2011-3256.patch\n (Handle some border cases.)\n- Resolves: #747084\n[2.3.11-10]\n- Use -fno-strict-aliasing instead of __attribute__((__may_alias__))\n- Resolves: #723468\n[2.3.11-9]\n- Allow FT_Glyph to alias (to pass Rpmdiff)\n- Resolves: #723468\n[2.3.11-8]\n- Add freetype-2.3.11-CVE-2011-0226.patch\n (Add better argument check for 'callothersubr'.)\n - based on patches by Werner Lemberg,\n Alexei Podtelezhnikov and Matthias Drochner\n- Resolves: #723468\n[2.3.11-7]\n- Add freetype-2.3.11-CVE-2010-3855.patch\n (Protect against invalid 'runcnt' values.)\n- Resolves: #651762", "published": "2013-01-31T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-0216.html", "cvelist": ["CVE-2011-3256", "CVE-2011-0226", "CVE-2012-5669", "CVE-2010-3855", "CVE-2011-3439"], "lastseen": "2016-09-04T11:16:21"}, {"id": "ELSA-2015-0696", "type": "oraclelinux", "title": "freetype security update", "description": "[2.3.11-15.el6_6.1]\n- Fixes CVE-2014-9657\n - Check minimum size of record_size.\n- Fixes CVE-2014-9658\n - Use correct value for minimum table length test.\n- Fixes CVE-2014-9675\n - New macro that checks one character more than strncmp.\n- Fixes CVE-2014-9660\n - Check _BDF_GLYPH_BITS.\n- Fixes CVE-2014-9661\n - Initialize face->ttf_size.\n - Always set face->ttf_size directly.\n - Exclusively use the truetype font driver for loading\n the font contained in the sfnts array.\n- Fixes CVE-2014-9663\n - Fix order of validity tests.\n- Fixes CVE-2014-9664\n - Add another boundary testing.\n - Fix boundary testing.\n- Fixes CVE-2014-9667\n - Protect against addition overflow.\n- Fixes CVE-2014-9669\n - Protect against overflow in additions and multiplications.\n- Fixes CVE-2014-9670\n - Add sanity checks for row and column values.\n- Fixes CVE-2014-9671\n - Check size and offset values.\n- Fixes CVE-2014-9673\n - Fix integer overflow by a broken POST table in resource-fork.\n- Fixes CVE-2014-9674\n - Fix integer overflow by a broken POST table in resource-fork.\n - Additional overflow check in the summation of POST fragment lengths.\n- Work around behaviour of X11s pcfWriteFont and pcfReadFont functions\n- Resolves: #1197737\n[2.3.11-15]\n- Fix CVE-2012-5669\n (Use correct array size for checking glyph_enc)\n- Resolves: #903543", "published": "2015-03-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-0696.html", "cvelist": ["CVE-2014-9657", "CVE-2014-9675", "CVE-2014-9664", "CVE-2014-9660", "CVE-2014-9671", "CVE-2014-9658", "CVE-2014-9674", "CVE-2014-9669", "CVE-2012-5669", "CVE-2014-9673", "CVE-2014-9670", "CVE-2014-9667", "CVE-2014-9663", "CVE-2014-9661"], "lastseen": "2016-09-04T11:16:42"}]}}