Lucene search
UbuntuUSN-1173-1HistoryJul 25, 2011 - 12:00 a.m.
FreeType vulnerability
2011-07-2500:00:00
ubuntu.com
26
7.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.058 Low
EPSS
Percentile
93.3%
Releases
- Ubuntu 11.04
- Ubuntu 10.10
Packages
- freetype - FreeType 2 is a font engine library
Details
It was discovered that FreeType did not correctly handle certain malformed
Type 1 font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.04 | noarch | libfreetype6 | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | freetype2-demos | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libfreetype6-dev | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libfreetype6-udeb | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libfreetype6 | < 2.4.2-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | freetype2-demos | < 2.4.2-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libfreetype6-dev | < 2.4.2-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libfreetype6-udeb | < 2.4.2-2ubuntu0.2 | UNKNOWN |
References
Related
nessus
nessus
Oracle Linux 6 : freetype (ELSA-2011-1085)
2013-07-12 00:00:00
FreeBSD : freetype2 -- execute arbitrary code or cause denial of service (5d374b01-c3ee-11e0-8aa5-485d60cb5385)
2011-08-12 00:00:00
openSUSE Security Update : freetype2 (openSUSE-SU-2011:0852-1)
2014-06-13 00:00:00
openvas
openvas
FreeBSD Ports: freetype2
2011-09-21 00:00:00
Debian: Security Advisory (DSA-2294-1)
2011-09-21 00:00:00
Mandriva Update for freetype2 MDVSA-2011:120 (freetype2)
2011-08-02 00:00:00
debiancve
debiancve
CVE-2011-0226
2011-07-19 22:55:00
CVE-2011-3256
2011-10-14 10:55:00
oraclelinux
oraclelinux
freetype security update
2011-07-21 00:00:00
freetype security update
2013-01-31 00:00:00
cve
cve
CVE-2011-0226
2011-07-19 22:55:00
CVE-2011-3256
2011-10-14 10:55:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:59:45
debian
debian
[SECURITY] [DSA 2294-1] freetype security update
2011-08-14 18:41:39
[BSA-068] Security Update for freetype
2012-03-23 06:56:21
freebsd
freebsd
freetype2 -- execute arbitrary code or cause denial of service
2011-07-19 00:00:00
redhat
redhat
(RHSA-2011:1085) Important: freetype security update
2011-07-21 00:00:00
prion
prion
Integer overflow
2011-07-19 22:55:00
Memory corruption
2011-10-14 10:55:00
suse
suse
freetype: Fixed several off-by-one / length checks missing (important)
2011-07-28 00:08:34
Security update for freetype2 (important)
2011-07-28 00:08:40
checkpoint_advisories
checkpoint_advisories
FreeType PostScript Type1 Font Parsing Code Execution (CVE-2011-0226)
2011-10-04 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: freetype-2.4.4-5.fc15
2011-08-17 01:15:25
[SECURITY] Fedora 15 Update: freetype-2.4.4-6.fc15
2011-11-10 17:51:50
[SECURITY] Fedora 14 Update: freetype-2.4.2-5.fc14
2011-08-31 01:24:38
ubuntucve
ubuntucve
CVE-2011-0226
2011-07-19 00:00:00
CVE-2011-3256
2011-10-14 00:00:00
securityvulns
securityvulns
APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone
2011-07-18 00:00:00
APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update
2011-07-18 00:00:00
Apple iOS (iOS) security vulnerabilities
2011-07-26 00:00:00
gentoo
gentoo
FreeType: Multiple vulnerabilities
2012-01-23 00:00:00
7.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.058 Low
EPSS
Percentile
93.3%
Related for USN-1173-1