6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
freetype is vulnerable to arbitrary code execution. The vulnerability exists as a stack-based buffer overflow flaw was found in the way the FreeType font rendering engine processed some PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
freetype.sourceforge.net/index2.html#release-freetype-2.4.2
git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
marc.info/?l=oss-security&m=128110167119337&w=2
marc.info/?l=oss-security&m=128111955616772&w=2
secunia.com/advisories/40816
secunia.com/advisories/40982
secunia.com/advisories/42314
secunia.com/advisories/42317
sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
support.apple.com/kb/HT4435
support.apple.com/kb/HT4456
support.apple.com/kb/HT4457
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2010-0864.html
www.securityfocus.com/bid/42285
www.ubuntu.com/usn/USN-972-1
www.vupen.com/english/advisories/2010/2018
www.vupen.com/english/advisories/2010/2106
www.vupen.com/english/advisories/2010/3045
www.vupen.com/english/advisories/2010/3046
access.redhat.com/errata/RHSA-2010:0737
access.redhat.com/errata/RHSA-2010:0864
access.redhat.com/security/cve/CVE-2010-2808
bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019
bugzilla.redhat.com/show_bug.cgi?id=621907
rhn.redhat.com/errata/RHSA-2010-0737.html
savannah.nongnu.org/bugs/?30658