FreeType vulnerabilities

2010-08-1700:00:00

ubuntu.com

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.513 Medium

EPSS

Percentile

97.5%

JSON

Releases

Ubuntu 10.04
Ubuntu 9.10
Ubuntu 9.04
Ubuntu 8.04
Ubuntu 6.06

Packages

freetype -

Details

It was discovered that FreeType did not correctly handle certain malformed
font files. If a user were tricked into using a specially crafted font
file, a remote attacker could cause FreeType to crash or possibly execute
arbitrary code with user privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchlibfreetype6< 2.3.9-5ubuntu0.2UNKNOWN
Ubuntu9.10noarchfreetype2-demos< 2.3.9-5ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibfreetype6-dev< 2.3.9-5ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibfreetype6-udeb< 2.3.9-5ubuntu0.2UNKNOWN
Ubuntu9.04noarchlibfreetype6< 2.3.9-4ubuntu0.3UNKNOWN
Ubuntu9.04noarchfreetype2-demos< 2.3.9-4ubuntu0.3UNKNOWN
Ubuntu9.04noarchlibfreetype6-dev< 2.3.9-4ubuntu0.3UNKNOWN
Ubuntu9.04noarchlibfreetype6-udeb< 2.3.9-4ubuntu0.3UNKNOWN
Ubuntu8.04noarchlibfreetype6< 2.3.5-1ubuntu4.8.04.4UNKNOWN
Ubuntu8.04noarchfreetype2-demos< 2.3.5-1ubuntu4.8.04.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	9.10	noarch	libfreetype6	< 2.3.9-5ubuntu0.2	UNKNOWN
Ubuntu	9.10	noarch	freetype2-demos	< 2.3.9-5ubuntu0.2	UNKNOWN
Ubuntu	9.10	noarch	libfreetype6-dev	< 2.3.9-5ubuntu0.2	UNKNOWN
Ubuntu	9.10	noarch	libfreetype6-udeb	< 2.3.9-5ubuntu0.2	UNKNOWN
Ubuntu	9.04	noarch	libfreetype6	< 2.3.9-4ubuntu0.3	UNKNOWN
Ubuntu	9.04	noarch	freetype2-demos	< 2.3.9-4ubuntu0.3	UNKNOWN
Ubuntu	9.04	noarch	libfreetype6-dev	< 2.3.9-4ubuntu0.3	UNKNOWN
Ubuntu	9.04	noarch	libfreetype6-udeb	< 2.3.9-4ubuntu0.3	UNKNOWN
Ubuntu	8.04	noarch	libfreetype6	< 2.3.5-1ubuntu4.8.04.4	UNKNOWN
Ubuntu	8.04	noarch	freetype2-demos	< 2.3.5-1ubuntu4.8.04.4	UNKNOWN