Lucene search

[email protected]NVD:CVE-2006-3467

HistoryJul 21, 2006 - 2:03 p.m.

CVE-2006-3467

2006-07-2114:03:00

CWE-189

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.168 Low

EPSS

Percentile

96.1%

JSON

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

Affected configurations

NVD

Node

freetypefreetypeRange≤2.1

References

ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html

lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html

secunia.com/advisories/21062

secunia.com/advisories/21135

secunia.com/advisories/21144

secunia.com/advisories/21232

secunia.com/advisories/21285

secunia.com/advisories/21566

secunia.com/advisories/21567

secunia.com/advisories/21606

secunia.com/advisories/21626

secunia.com/advisories/21701

secunia.com/advisories/21793

secunia.com/advisories/21798

secunia.com/advisories/21836

secunia.com/advisories/22027

secunia.com/advisories/22332

secunia.com/advisories/22875

secunia.com/advisories/22907

secunia.com/advisories/23400

secunia.com/advisories/23939

secunia.com/advisories/27271

secunia.com/advisories/33937

security.gentoo.org/glsa/glsa-200609-04.xml

securitytracker.com/id?1016522

sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1

support.apple.com/kb/HT3438

support.avaya.com/elmodocs2/security/ASA-2006-176.htm

support.avaya.com/elmodocs2/security/ASA-2006-186.htm

support.avaya.com/elmodocs2/security/ASA-2006-284.htm

www.debian.org/security/2006/dsa-1178

www.debian.org/security/2006/dsa-1193

www.mandriva.com/security/advisories?name=MDKSA-2006:129

www.mandriva.com/security/advisories?name=MDKSA-2006:148

www.redhat.com/support/errata/RHSA-2006-0500.html

www.redhat.com/support/errata/RHSA-2006-0634.html

www.redhat.com/support/errata/RHSA-2006-0635.html

www.securityfocus.com/archive/1/444318/100/0/threaded

www.securityfocus.com/archive/1/451404/100/0/threaded

www.securityfocus.com/archive/1/451417/100/200/threaded

www.securityfocus.com/archive/1/451419/100/200/threaded

www.securityfocus.com/archive/1/451426/100/200/threaded

www.trustix.org/errata/2006/0052/

www.ubuntu.com/usn/usn-324-1

www.ubuntu.com/usn/usn-341-1

www.vmware.com/download/esx/esx-202-200610-patch.html

www.vmware.com/download/esx/esx-213-200610-patch.html

www.vmware.com/download/esx/esx-254-200610-patch.html

www.vupen.com/english/advisories/2006/4502

www.vupen.com/english/advisories/2006/4522

www.vupen.com/english/advisories/2007/0381

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.168 Low

EPSS

Percentile

96.1%

JSON

Related for NVD:CVE-2006-3467

cvelist2 nessus53 debiancve2 ubuntucve2 cve4 openvas37 freebsd1 centos6 redhat5 debian3 gentoo4 ubuntu3 slackware1 veracode1 suse2 nvd3 fedora2 prion1 oraclelinux3 osv2 securityvulns4