Lucene search

[email protected]NVD:CVE-2010-3053

HistoryAug 19, 2010 - 6:00 p.m.

CVE-2010-3053

2010-08-1918:00:06

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

High

EPSS

0.309

Percentile

97.0%

JSON

bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.

Affected configurations

Nvd

Node

freetypefreetypeRange≤2.4.1

freetypefreetypeMatch1.3.1

freetypefreetypeMatch2.0.6

freetypefreetypeMatch2.0.9

freetypefreetypeMatch2.1

freetypefreetypeMatch2.1.3

freetypefreetypeMatch2.1.4

freetypefreetypeMatch2.1.5

freetypefreetypeMatch2.1.6

freetypefreetypeMatch2.1.7

freetypefreetypeMatch2.1.8

freetypefreetypeMatch2.1.9

freetypefreetypeMatch2.1.10

freetypefreetypeMatch2.2.0

freetypefreetypeMatch2.2.1

freetypefreetypeMatch2.2.10

freetypefreetypeMatch2.3.0

freetypefreetypeMatch2.3.1

freetypefreetypeMatch2.3.2

freetypefreetypeMatch2.3.3

freetypefreetypeMatch2.3.4

freetypefreetypeMatch2.3.5

freetypefreetypeMatch2.3.6

freetypefreetypeMatch2.3.7

freetypefreetypeMatch2.3.8

freetypefreetypeMatch2.3.9

freetypefreetypeMatch2.3.10

freetypefreetypeMatch2.3.11

freetypefreetypeMatch2.3.12

freetypefreetypeMatch2.4.0

References

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

secunia.com/advisories/42314

secunia.com/advisories/42317

secunia.com/advisories/48951

support.apple.com/kb/HT4435

support.apple.com/kb/HT4456

support.apple.com/kb/HT4457

www.vupen.com/english/advisories/2010/3045

www.vupen.com/english/advisories/2010/3046

bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

High

EPSS

0.309

Percentile

97.0%

JSON

Related for NVD:CVE-2010-3053

prion1 cvelist1 debiancve1 cve1 ubuntucve1 nessus13 openvas12 debian2 osv1 securityvulns2 gentoo1 suse1