Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-3855
HistoryOct 22, 2010 - 12:00 a.m.

CVE-2010-3855

2010-10-2200:00:00
ubuntu.com
ubuntu.com
9

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.174 Low

EPSS

Percentile

96.0%

Buffer overflow in the ft_var_readpackedpoints function in
truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to
cause a denial of service (application crash) or possibly execute arbitrary
code via a crafted TrueType GX font.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchfreetype< 2.1.10-1ubuntu2.10UNKNOWN
ubuntu8.04noarchfreetype< 2.3.5-1ubuntu4.8.04.6UNKNOWN
ubuntu9.10noarchfreetype< 2.3.9-5ubuntu0.4UNKNOWN
ubuntu10.04noarchfreetype< 2.3.11-1ubuntu2.4UNKNOWN
ubuntu10.10noarchfreetype< 2.4.2-2ubuntu0.1UNKNOWN

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.174 Low

EPSS

Percentile

96.0%