Lucene search
UbuntuUSN-963-1HistoryJul 20, 2010 - 12:00 a.m.
FreeType vulnerabilities
2010-07-2000:00:00
ubuntu.com
35
8.7 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.0%
Releases
- Ubuntu 10.04
- Ubuntu 9.10
- Ubuntu 9.04
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- freetype -
Details
Robert Święcki discovered that FreeType did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could execute arbitrary code with user
privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | libfreetype6 | < 2.3.9-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | freetype2-demos | < 2.3.9-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libfreetype6-dev | < 2.3.9-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libfreetype6-udeb | < 2.3.9-5ubuntu0.1 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libfreetype6 | < 2.3.9-4ubuntu0.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | freetype2-demos | < 2.3.9-4ubuntu0.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libfreetype6 | < dev-2.3.9-4ubuntu0.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libfreetype6 | < udeb-2.3.9-4ubuntu0.2 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libfreetype6 | < 2.3.5-1ubuntu4.8.04.3 | UNKNOWN |
| Ubuntu | 8.04 | noarch | freetype2-demos | < 2.3.5-1ubuntu4.8.04.3 | UNKNOWN |
Related
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : freetype vulnerabilities (USN-963-1)
2010-07-21 00:00:00
Debian DSA-2070-1 : freetype - several vulnerabilities
2010-07-15 00:00:00
CentOS 4 / 5 : freetype (CESA-2010:0578)
2010-08-03 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-963-1)
2010-07-23 00:00:00
Ubuntu Update for freetype vulnerabilities USN-963-1
2010-07-23 00:00:00
FreeType Memory Corruption and Buffer Overflow Vulnerabilities - Windows
2010-09-01 00:00:00
n0where
n0where
General Purpose Fuzzing: Honggfuzz
2015-06-05 15:50:13
debian
debian
[SECURITY] [DSA 2070-1] New freetype packages fix several vulnerabilities
2010-07-14 20:04:45
securityvulns
securityvulns
[SECURITY] [DSA 2070-1] New freetype packages fix several vulnerabilities
2010-07-16 00:00:00
freetype library multiple security vulnerabilities
2011-11-27 00:00:00
About the security content of Mac OS X v10.6.5 and Security Update 2010-007
2010-11-18 00:00:00
oraclelinux
oraclelinux
freetype security update
2010-07-30 00:00:00
freetype security update
2010-07-30 00:00:00
centos
centos
freetype security update
2010-08-03 00:36:19
freetype security update
2010-08-16 21:19:51
redhat
redhat
(RHSA-2010:0578) Important: freetype security update
2010-07-30 00:00:00
(RHSA-2010:0577) Important: freetype security update
2010-07-30 00:00:00
(RHSA-2010:0622) Important: rhev-hypervisor security and bug fix update
2010-08-19 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: freetype-2.3.11-6.fc13
2010-10-19 07:23:19
[SECURITY] Fedora 12 Update: freetype-2.3.11-6.fc12
2010-11-01 20:53:44
[SECURITY] Fedora 12 Update: freetype-2.3.11-7.fc12
2010-11-21 21:56:42
gentoo
gentoo
FreeType: Multiple vulnerabilities
2012-01-23 00:00:00
cve
cve
prion
prion
Buffer overflow
2010-08-19 18:00:00
Integer overflow
2010-08-19 18:00:00
Heap overflow
2010-08-19 18:00:00
veracode
veracode
Buffer Overflow
2020-04-10 00:49:48
Arbitrary Code Execution
2020-04-10 00:49:49
Denial Of Service (DoS)
2020-04-10 00:49:48
debiancve
debiancve
ubuntucve
ubuntucve
suse
suse
Security update for freetype2 (important)
2012-04-23 18:08:18
8.7 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.0%
Related for USN-963-1