Lucene search
HistoryJun 26, 2007 - 6:30 p.m.
CVE-2007-3408
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
High
0.622 Medium
EPSS
Percentile
97.9%
Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
Affected configurations
Node
diadiaRange≤0.96.1
Related
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
debiancve
debiancve
prion
prion
Design/Logic Flaw
2007-06-26 18:30:00
Integer overflow
2007-04-06 01:19:00
Integer overflow
2007-05-17 22:30:00
nessus
nessus
openSUSE 10 Security Update : freetype2 (freetype2-3066)
2007-10-17 00:00:00
Debian DSA-1454-1 : freetype - integer overflow
2008-01-08 00:00:00
Slackware 10.1 / 10.2 / 11.0 / current : freetype (SSA:2007-109-01)
2007-04-30 00:00:00
openvas
openvas
Slackware Advisory SSA:2007-109-01 freetype
2012-09-11 00:00:00
Mandriva Update for freetype2 MDKSA-2007:081 (freetype2)
2009-04-09 00:00:00
Slackware: Security Advisory (SSA:2007-109-01)
2012-09-10 00:00:00
redhat
redhat
(RHSA-2007:0150) Moderate: freetype security update
2007-04-16 00:00:00
(RHSA-2007:0403) Moderate: freetype security update
2007-06-11 00:00:00
(RHSA-2007:0132) Important: libXfont security update
2007-04-03 00:00:00
gentoo
gentoo
FreeType: User-assisted execution of arbitrary code
2007-05-01 00:00:00
FreeType: Buffer overflow
2007-05-30 00:00:00
OpenOffice.org: Two buffer overflows
2007-07-02 00:00:00
debian
debian
[SECURITY] [DSA 1454-1] New freetype packages fix arbitrary code execution
2008-01-07 19:48:32
[SECURITY] [DSA 1302-1] New freetype packages fix integer overflow
2007-06-10 13:48:40
[SECURITY] [DSA 1334-1] New freetype packages fix arbitary code execution
2007-07-18 20:18:17
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:13
Arbitrary Code Execution
2020-04-10 00:19:09
nvd
nvd
CVE-2007-1351
2007-04-06 01:19:00
CVE-2007-2754
2007-05-17 22:30:00
slackware
slackware
[slackware-security] freetype
2007-04-20 02:55:00
centos
centos
freetype security update
2007-04-16 12:48:19
freetype security update
2007-06-12 00:56:26
freetype security update
2007-06-11 09:27:08
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability
2007-04-04 00:00:00
rPSA-2007-0108-1 freetype
2007-05-25 00:00:00
freetype integer overflow
2007-05-25 00:00:00
osv
osv
freetype - arbitrary code execution
2008-01-07 00:00:00
xfree86
2007-05-17 00:00:00
suse
suse
remote code execution in freetype2
2007-07-04 13:46:33
local privilege escalation in XFree86, Xorg
2007-04-20 16:38:35
fedora
fedora
[SECURITY] Fedora 7 Update: freetype-2.3.4-3.fc7
2007-06-06 02:56:13
[SECURITY] Fedora 11 Update: freetype1-1.4-0.8.pre.fc11
2009-05-28 08:17:11
[SECURITY] Fedora 10 Update: freetype1-1.4-0.8.pre.fc10
2009-05-28 08:01:17
ubuntu
ubuntu
freetype vulnerability
2007-05-30 00:00:00
X.org vulnerabilities
2007-04-03 00:00:00
freebsd
freebsd
FreeType 2 -- Heap overflow vulnerability
2007-04-27 00:00:00
oraclelinux
oraclelinux
Moderate: freetype security update
2007-06-11 00:00:00
Important: XFree86 security update
2007-04-04 00:00:00
Moderate: freetype security update
2007-04-16 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
High
0.622 Medium
EPSS
Percentile
97.9%
Related for NVD:CVE-2007-3408