Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-2497
HistoryAug 19, 2010 - 12:00 a.m.

CVE-2010-2497

2010-08-1900:00:00
ubuntu.com
ubuntu.com
11

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.005

Percentile

75.6%

Integer underflow in glyph handling in FreeType before 2.4.0 allows remote
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a crafted font file.

Bugs

Notes

Author Note
mdeslaur code not present in lucid and earlier

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.005

Percentile

75.6%