Lucene search

Veracode Vulnerability DatabaseVERACODE:23607

HistoryApr 10, 2020 - 12:31 a.m.

Integer Overflows

2020-04-1000:31:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

FreeType is Integer Overflows. Due to several integer overflow flaws in the FreeType 2 font engine, if a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.

CPENameOperatorVersion
freetypeeq2.0.3__10.el21
freetypeeq2.0.3__13.el21
freetypeeq2.1.4__5.el3
freetypeeq2.1.9__7.el4.6
freetypeeq2.2.1__20.el5_2
freetypeeq2.2.1__19.el5
freetypeeq2.1.4__6.el3
freetypeeq2.1.9__4.el4
freetypeeq2.1.4__10.el3
freetypeeq2.1.4__8.el3

Name	Operator	Version
freetype	eq	2.0.3__10.el21
freetype	eq	2.0.3__13.el21
freetype	eq	2.1.4__5.el3
freetype	eq	2.1.9__7.el4.6
freetype	eq	2.2.1__20.el5_2
freetype	eq	2.2.1__19.el5
freetype	eq	2.1.4__6.el3
freetype	eq	2.1.9__4.el4
freetype	eq	2.1.4__10.el3
freetype	eq	2.1.4__8.el3

Rows per page:

1-10 of 191

References

git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5

git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b

git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e

git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog

lists.apple.com/archives/security-announce/2009/jun/msg00002.html

lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

lists.apple.com/archives/security-announce/2009/May/msg00002.html

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

secunia.com/advisories/34723

secunia.com/advisories/34913

secunia.com/advisories/34967

secunia.com/advisories/35065

secunia.com/advisories/35074

secunia.com/advisories/35198

secunia.com/advisories/35200

secunia.com/advisories/35204

secunia.com/advisories/35210

secunia.com/advisories/35379

security.gentoo.org/glsa/glsa-200905-05.xml

sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1

support.apple.com/kb/HT3549

support.apple.com/kb/HT3613

support.apple.com/kb/HT3639

support.apple.com/kb/HT4435

www.debian.org/security/2009/dsa-1784

www.mandriva.com/security/advisories?name=MDVSA-2009:243

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2009-0329.html

www.redhat.com/support/errata/RHSA-2009-1061.html

www.redhat.com/support/errata/RHSA-2009-1062.html

www.redhat.com/support/policy/soc/production/

www.securityfocus.com/bid/34550

www.ubuntu.com/usn/USN-767-1

www.us-cert.gov/cas/techalerts/TA09-133A.html

www.vupen.com/english/advisories/2009/1058

www.vupen.com/english/advisories/2009/1297

www.vupen.com/english/advisories/2009/1522

www.vupen.com/english/advisories/2009/1621

access.redhat.com/errata/RHSA-2009:0329

bugzilla.redhat.com/show_bug.cgi?id=491384

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for VERACODE:23607