Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1095-1
HistoryJun 10, 2006 - 12:00 a.m.

freetype - integer overflows

2006-06-1000:00:00
Google
osv.dev
7

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.398 Low

EPSS

Percentile

96.7%

JSON

Several problems have been discovered in the FreeType 2 font engine.
The Common vulnerabilities and Exposures project identifies the
following problems:

  • CVE-2006-0747
    Several integer underflows have been discovered which could allow
    remote attackers to cause a denial of service.
  • CVE-2006-1861
    Chris Evans discovered several integer overflows that lead to a
    denial of service or could possibly even lead to the execution of
    arbitrary code.
  • CVE-2006-2493
    Several more integer overflows have been discovered which could
    possibly lead to the execution of arbitrary code.
  • CVE-2006-2661
    A null pointer dereference could cause a denial of service.

For the old stable distribution (woody) these problems have been fixed in
version 2.0.9-1woody1.

For the stable distribution (sarge) these problems have been fixed in
version 2.1.7-2.5.

For the unstable distribution (sid) these problems will be fixed soon

We recommend that you upgrade your libfreetype packages.

CPENameOperatorVersion
freetypeeq2.1.7-2.4

Related

debian 1
nessus 22
ubuntu 1
openvas 29
suse 1
redhat 3
centos 3
cve 6
ubuntucve 4
debiancve 4
prion 3
freebsd 1
oraclelinux 2
slackware 1
gentoo 3
veracode 1
fedora 2
securityvulns 1
debian
debian
[SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities
2006-06-10 05:22:33
nessus
nessus
Debian DSA-1095-1 : freetype - integer overflows
2006-10-14 00:00:00
openSUSE 10 Security Update : freetype2 (freetype2-1608)
2007-10-17 00:00:00
Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerabilities (USN-291-1)
2007-11-10 00:00:00
ubuntu
ubuntu
FreeType vulnerabilities
2006-06-08 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1095-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1095-1 (freetype)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-291-1)
2022-08-26 00:00:00
suse
suse
remote code execution in freetype2, freetype2-devel
2006-06-27 12:24:46
redhat
redhat
(RHSA-2006:0500) freetype security update
2006-07-18 00:00:00
(RHSA-2009:1062) Important: freetype security update
2009-05-22 00:00:00
(RHSA-2009:0329) Important: freetype security update
2009-05-22 00:00:00
centos
centos
freetype security update
2006-07-18 22:54:54
freetype security update
2006-07-18 12:29:16
freetype security update
2009-05-22 14:02:05
cve
cve
CVE-2006-1861
2006-05-23 10:06:00
CVE-2006-2493
2006-05-20 03:02:00
CVE-2006-2661
2006-05-30 19:02:00
ubuntucve
ubuntucve
CVE-2006-1861
2006-05-23 00:00:00
CVE-2006-2661
2006-05-30 00:00:00
CVE-2006-0747
2006-05-23 00:00:00
debiancve
debiancve
CVE-2006-1861
2006-05-23 10:06:00
CVE-2006-2661
2006-05-30 19:02:00
CVE-2006-0747
2006-05-23 10:06:00
prion
prion
Integer overflow
2006-05-23 10:06:00
Design/Logic Flaw
2006-05-30 19:02:00
Integer overflow
2006-05-23 10:06:00
freebsd
freebsd
freetype -- LWFN Files Buffer Overflow Vulnerability
2006-07-10 00:00:00
oraclelinux
oraclelinux
Moderate: freetype security update
2007-04-16 00:00:00
freetype security update
2009-05-26 00:00:00
slackware
slackware
[slackware-security] x11
2006-07-26 21:25:09
gentoo
gentoo
NX 2.1: User-assisted execution of arbitrary code
2007-10-09 00:00:00
FreeType: Multiple integer overflows
2006-07-09 00:00:00
FreeType 1: User-assisted execution of arbitrary code
2010-06-01 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:37
fedora
fedora
[SECURITY] Fedora 10 Update: freetype1-1.4-0.8.pre.fc10
2009-05-28 08:01:17
[SECURITY] Fedora 11 Update: freetype1-1.4-0.8.pre.fc11
2009-05-28 08:17:11
securityvulns
securityvulns
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.398 Low

EPSS

Percentile

96.7%

JSON
Related for OSV:DSA-1095-1
debian1nessus22ubuntu1openvas29suse1redhat3centos3cve6ubuntucve4debiancve4prion3freebsd1oraclelinux2slackware1gentoo3veracode1fedora2securityvulns1