FreeType ftmac.c read_lwfn() Function Overflow

2006-05-02T08:02:37
ID OSVDB:25654
Type osvdb
Reporter OSVDB
Modified 2006-05-02T08:02:37

Description

Solution Description

Upgrade to version 2.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.freetype.org/ Vendor Specific News/Changelog Entry: https://bugs.freedesktop.org/show_bug.cgi?id=7535 Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=416463 Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:20100 Secunia Advisory ID:21385 Secunia Advisory ID:22332 Secunia Advisory ID:20638 Secunia Advisory ID:21000 Secunia Advisory ID:21606 Secunia Advisory ID:21701 Secunia Advisory ID:27271 Secunia Advisory ID:20591 Secunia Advisory ID:20791 Secunia Advisory ID:21135 Secunia Advisory ID:21450 Secunia Advisory ID:21446 Secunia Advisory ID:20525 Secunia Advisory ID:23939 Related OSVDB ID: 25655 Related OSVDB ID: 25656 Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1095 Other Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html Other Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 Other Advisory URL: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200607-02.xml Other Advisory URL: https://issues.rpath.com/browse/RPL-429 ISS X-Force ID: 26553 FrSIRT Advisory: ADV-2006-1868 CVE-2006-1861 CVE-2006-2493 Bugtraq ID: 18034