Lucene search
GoogleOSV:DSA-2105-1HistorySep 07, 2010 - 12:00 a.m.
freetype - several vulnerabilities
2010-09-0700:00:00
Google
osv.dev
7
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.399 Low
EPSS
Percentile
96.7%
Several vulnerabilities have been discovered in the FreeType font
library. The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2010-1797
Multiple stack-based buffer overflows in the
cff_decoder_parse_charstrings function in the CFF Type2 CharStrings
interpreter in cff/cffgload.c in FreeType allow remote attackers to
execute arbitrary code or cause a denial of service (memory
corruption) via crafted CFF opcodes in embedded fonts in a PDF
document, as demonstrated by JailbreakMe. - CVE-2010-2541
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted font file. - CVE-2010-2805
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType does
not properly validate certain position values, which allows remote
attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a crafted font file - CVE-2010-2806
Array index error in the t42_parse_sfnts function in
type42/t42parse.c in FreeType allows remote attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via negative size values for certain strings in FontType42 font
files, leading to a heap-based buffer overflow. - CVE-2010-2807
FreeType uses incorrect integer data types during bounds checking,
which allows remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
font file. - CVE-2010-2808
Buffer overflow in the Mac_Read_POST_Resource function in
base/ftobjs.c in FreeType allows remote attackers to cause a denial
of service (memory corruption and application crash) or possibly
execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka
LWFN) font. - CVE-2010-3053
bdf/bdflib.c in FreeType allows remote attackers to cause a denial of
service (application crash) via a crafted BDF font file, related to
an attempted modification of a value in a static string.
For the stable distribution (lenny), these problems have been fixed in
version 2.3.7-2+lenny3
For the unstable distribution (sid) and the testing distribution
(squeeze), these problems have been fixed in version 2.4.2-1
We recommend that you upgrade your freetype package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freetype | eq | 2.3.7-2 | |
| freetype | eq | 2.3.7-2+lenny1 | |
| freetype | eq | 2.3.7-2+lenny2 |
References
Related
nessus
nessus
Debian DSA-2105-1 : freetype - several vulnerabilities
2010-09-09 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : freetype vulnerabilities (USN-972-1)
2010-08-18 00:00:00
Mandriva Linux Security Advisory : freetype2 (MDVSA-2010:157)
2010-08-23 00:00:00
debian
debian
[SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
2010-09-07 20:39:32
[SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
2010-09-07 20:39:32
openvas
openvas
Debian: Security Advisory (DSA-2105-1)
2023-03-08 00:00:00
FreeType Multiple denial of service vulnerabilities (Windows)
2010-09-01 00:00:00
FreeType <= 2.4.1 Multiple DoS Vulnerabilities - Windows
2010-09-01 00:00:00
securityvulns
securityvulns
[USN-972-1] FreeType vulnerabilities
2010-08-19 00:00:00
freetype library multiple security vulnerabilities
2011-11-27 00:00:00
[CORE-2010-0825] Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch
2010-11-10 00:00:00
ubuntu
ubuntu
FreeType vulnerabilities
2010-08-17 00:00:00
redhat
redhat
(RHSA-2010:0864) Important: freetype security update
2010-11-10 00:00:00
(RHSA-2010:0737) Important: freetype security update
2010-10-04 00:00:00
(RHSA-2010:0607) Important: freetype security update
2010-08-05 00:00:00
oraclelinux
oraclelinux
freetype security update
2010-11-16 00:00:00
freetype security update
2010-10-04 00:00:00
freetype security update
2010-08-05 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: freetype-2.3.11-6.fc13
2010-10-19 07:23:19
[SECURITY] Fedora 12 Update: freetype-2.3.11-6.fc12
2010-11-01 20:53:44
[SECURITY] Fedora 12 Update: freetype-2.3.11-7.fc12
2010-11-21 21:56:42
gentoo
gentoo
FreeType: Multiple vulnerabilities
2012-01-23 00:00:00
centos
centos
freetype security update
2010-10-04 20:11:54
freetype security update
2010-08-06 11:36:59
freetype security update
2010-08-16 21:19:51
prion
prion
Design/Logic Flaw
2010-08-19 18:00:00
Buffer overflow
2010-08-19 18:00:00
Heap overflow
2010-08-19 18:00:00
ubuntucve
ubuntucve
debiancve
debiancve
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:49:49
Arbitrary Code Execution
2020-04-10 00:48:57
Arbitrary Code Execution
2020-04-10 00:47:01
cve
cve
seebug
seebug
Foxit Reader <= 4.0 pdf Jailbreak Exploit
2014-07-01 00:00:00
Foxit Reader <= 4.0 pdf Jailbreak Exploit
2010-08-25 00:00:00
exploitpack
exploitpack
Foxit Reader 4.0 - .pdf Multiple Stack Based Buffer Overflow Jailbreak
2010-08-24 00:00:00
packetstorm
packetstorm
Foxit Reader 4.0 PDF Jailbreak
2010-08-26 00:00:00
cert
cert
FreeType 2 CFF font stack corruption vulnerability
2010-08-05 00:00:00
exploitdb
exploitdb
threatpost
threatpost
Apple Zaps JailbreakMe Bugs in Record Time
2010-08-11 19:43:56
suse
suse
Security update for freetype2 (important)
2012-04-23 18:08:18
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.399 Low
EPSS
Percentile
96.7%
Related for OSV:DSA-2105-1