Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-900-1:1D727
HistoryApr 17, 2017 - 5:50 p.m.

[SECURITY] [DLA 900-1] freetype security update

2017-04-1717:50:28
lists.debian.org
16

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.009

Percentile

83.1%

JSON

Package : freetype
Version : 2.4.9-1.1+deb7u5
CVE ID : CVE-2016-10328
Debian Bug : 860303

The Freetype 2 font engine was vulnerable to an out-of-bounds write
caused by a heap-based buffer overflow in the cff_parser_run function
in cff/cffparse.c.

For Debian 7 "Wheezy", these problems have been fixed in version
2.4.9-1.1+deb7u5.

We recommend that you upgrade your freetype packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian7i386libfreetype6-dev< 2.4.9-1.1+deb7u5libfreetype6-dev_2.4.9-1.1+deb7u5_i386.deb
Debian7i386libfreetype6< 2.4.9-1.1+deb7u5libfreetype6_2.4.9-1.1+deb7u5_i386.deb
Debian7armellibfreetype6-udeb< 2.4.9-1.1+deb7u5libfreetype6-udeb_2.4.9-1.1+deb7u5_armel.deb
Debian7amd64libfreetype6-udeb< 2.4.9-1.1+deb7u5libfreetype6-udeb_2.4.9-1.1+deb7u5_amd64.deb
Debian7armellibfreetype6-dev< 2.4.9-1.1+deb7u5libfreetype6-dev_2.4.9-1.1+deb7u5_armel.deb
Debian7i386libfreetype6-udeb< 2.4.9-1.1+deb7u5libfreetype6-udeb_2.4.9-1.1+deb7u5_i386.deb
Debian7armhffreetype2-demos< 2.4.9-1.1+deb7u5freetype2-demos_2.4.9-1.1+deb7u5_armhf.deb
Debian7amd64freetype2-demos< 2.4.9-1.1+deb7u5freetype2-demos_2.4.9-1.1+deb7u5_amd64.deb
Debian7armhflibfreetype6-udeb< 2.4.9-1.1+deb7u5libfreetype6-udeb_2.4.9-1.1+deb7u5_armhf.deb
Debian7allfreetype< 2.4.9-1.1+deb7u5freetype_2.4.9-1.1+deb7u5_all.deb
Rows per page:
1-10 of 171

Related

cve 1
ibm 3
nessus 5
cvelist 1
cloudfoundry 1
openvas 4
redhatcve 1
debiancve 1
ubuntu 1
veracode 1
prion 1
ubuntucve 1
osv 1
nvd 1
debian 1
mageia 1
gentoo 1
f5 1
oracle 2
cve
cve
CVE-2016-10328
2017-04-14 04:59:00
ibm
ibm
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in freetype2 (CVE-2016-10328)
2018-07-30 22:30:32
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerabilty in Freetype 2 (CVE-2016-10328)
2023-12-07 22:31:02
Security Bulletin: Multiple vulnerabilities affects IBM Engineering Requirements Management DOORS Next
2020-06-18 21:10:47
nessus
nessus
Debian DLA-900-1 : freetype security update
2017-04-18 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : FreeType vulnerability (USN-3263-1)
2017-04-21 00:00:00
SUSE SLES11 Security Update : freetype2 (SUSE-SU-2018:0837-1)
2018-03-30 00:00:00
cvelist
cvelist
CVE-2016-10328
2017-04-14 04:30:00
cloudfoundry
cloudfoundry
USN-3263-1: FreeType vulnerability | Cloud Foundry
2017-05-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3263-1)
2017-04-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0837-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-918-1)
2018-01-16 00:00:00
redhatcve
redhatcve
CVE-2016-10328
2017-04-24 14:19:14
debiancve
debiancve
CVE-2016-10328
2017-04-14 04:59:00
ubuntu
ubuntu
FreeType vulnerability
2017-04-21 00:00:00
veracode
veracode
Out-of-Bounds Write
2017-04-26 04:43:17
prion
prion
Heap overflow
2017-04-14 04:59:00
ubuntucve
ubuntucve
CVE-2016-10328
2017-04-14 00:00:00
osv
osv
CVE-2016-10328
2017-04-14 04:59:00
nvd
nvd
CVE-2016-10328
2017-04-14 04:59:00
debian
debian
[SECURITY] [DLA 918-1] freetype security update
2017-04-26 15:51:04
mageia
mageia
Updated freetype2 packages fix security vulnerability
2017-05-02 09:37:59
gentoo
gentoo
FreeType: Multiple vulnerabilities
2017-06-06 00:00:00
f5
f5
K000141126: Multiple FreeType vulnerabilities
2024-09-19 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.009

Percentile

83.1%

JSON
Related for DEBIAN:DLA-900-1:1D727
cve1ibm3nessus5cvelist1cloudfoundry1openvas4redhatcve1debiancve1ubuntu1veracode1prion1ubuntucve1osv1nvd1debian1mageia1gentoo1f51oracle2