Lucene search

K
ubuntuUbuntuUSN-2510-1
HistoryFeb 24, 2015 - 12:00 a.m.

FreeType vulnerabilities

2015-02-2400:00:00
ubuntu.com
47

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

High

EPSS

0.051

Percentile

93.0%

Releases

  • Ubuntu 14.10
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • freetype - FreeType 2 is a font engine library

Details

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges.

Rows per page:
1-10 of 161

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

High

EPSS

0.051

Percentile

93.0%