Lucene search
UbuntuUSN-1686-1HistoryJan 14, 2013 - 12:00 a.m.
FreeType vulnerabilities
2013-01-1400:00:00
ubuntu.com
34
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.2 High
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.2%
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
- Ubuntu 8.04
Packages
- freetype - FreeType 2 is a font engine library
Details
Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash or
possibly execute arbitrary code with user privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | libfreetype6 | < 2.3.5-1ubuntu4.8.04.10 | UNKNOWN |
| Ubuntu | 8.04 | noarch | freetype2-demos | < 2.3.5-1ubuntu4.8.04.10 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libfreetype6-dev | < 2.3.5-1ubuntu4.8.04.10 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libfreetype6-udeb | < 2.3.5-1ubuntu4.8.04.10 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libfreetype6 | < 2.4.10-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | freetype2-demos | < 2.4.10-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libfreetype6-dev | < 2.4.10-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libfreetype6-udeb | < 2.4.10-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libfreetype6 | < 2.4.8-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | freetype2-demos | < 2.4.8-1ubuntu2.1 | UNKNOWN |
Related
nessus
nessus
GLSA-201402-16 : FreeType: Multiple vulnerabilities
2014-02-12 00:00:00
openSUSE Security Update : freetype2 (openSUSE-SU-2013:0165-1)
2014-06-13 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1686-1)
2013-01-15 00:00:00
Slackware: Security Advisory (SSA:2013-015-01)
2022-04-21 00:00:00
Ubuntu Update for freetype USN-1686-1
2013-01-15 00:00:00
gentoo
gentoo
FreeType: Multiple vulnerabilities
2014-02-11 00:00:00
slackware
slackware
freetype
2013-01-15 20:21:38
debian
debian
[BSA-078] Security Update for freetype
2013-01-09 06:28:35
securityvulns
securityvulns
FreeType security vulnerabilities
2013-01-14 00:00:00
[USN-1686-1] FreeType vulnerabilities
2013-01-14 00:00:00
nvd
nvd
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
Out-of-bounds
2013-01-24 21:55:00
Null pointer dereference
2013-01-24 21:55:00
Out-of-bounds
2013-01-24 21:55:00
cve
cve
cvelist
cvelist
redhat
redhat
(RHSA-2013:0216) Important: freetype security update
2013-01-31 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: freetype-2.4.10-3.fc18
2013-02-05 02:57:50
[SECURITY] Fedora 17 Update: freetype-2.4.8-4.fc17
2013-02-12 05:14:15
amazon
amazon
Important: freetype
2013-02-03 12:34:00
centos
centos
freetype security update
2013-01-31 21:55:44
f5
f5
SOL15095307 - BDF parsing vulnerability CVE-2012-5669
2016-02-01 00:00:00
K15095307 : BDF parsing vulnerability CVE-2012-5669
2016-02-02 00:00:00
veracode
veracode
Denial Of Service (Dos)
2019-01-15 08:55:06
oraclelinux
oraclelinux
freetype security update
2013-01-31 00:00:00
freetype security update
2015-03-17 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.2 High
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.2%
Related for USN-1686-1